Total: 266778 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1393 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). | |||||
CVE-2002-1973 | 2 Microsoft, Working Resources Inc. | 2 Foundation Class Library, Badblue | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error. | |||||
CVE-2004-0003 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.6 MEDIUM | N/A |
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking." | |||||
CVE-2000-0039 | 1 Altavista | 1 Search Intranet | 2024-02-28 | 5.0 MEDIUM | N/A |
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. | |||||
CVE-2003-0862 | | | 2024-02-28 | N/A | N/A |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0813. Reason: This candidate is a duplicate of CVE-2003-0813. Notes: All CVE users should reference CVE-2003-0813 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-1999-1041 | 1 Sco | 2 Openserver, Unix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file. | |||||
CVE-2002-0420 | 1 Claymore Systems Inc | 1 Puretls | 2024-02-28 | 7.5 HIGH | N/A |
Vulnerability in PureTLS before 0.9b2 related to injection attacks, which could possibly allow remote attackers to corrupt or hijack user sessions. | |||||
CVE-1999-0678 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. | |||||
CVE-2003-1216 | 1 Phpbb Group | 1 Phpbb | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter. | |||||
CVE-2000-0833 | 1 Jack De Winter | 1 Winsmtp | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command. | |||||
CVE-2004-0158 | 1 Lgames | 1 Lbreakout2 | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. | |||||
CVE-1999-1040 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allow local users to gain root access via a modified IFS environmental variable. | |||||
CVE-2000-0437 | 1 Network Associates | 3 Gauntlet Firewall, Webshield, Webshield E-ppliance | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in Gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
CVE-2002-1950 | 1 Phprank | 1 Phprank | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via (1) the email parameter of add.php or (2) the banner URL (banurl parameter) in the main list. | |||||
CVE-1999-1306 | 1 Cisco | 1 Ios | 2024-02-28 | 7.5 HIGH | N/A |
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | |||||
CVE-2000-0391 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges. | |||||
CVE-2001-0620 | 1 Iplanet | 1 Calendar Server | 2024-02-28 | 2.1 LOW | N/A |
iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions. | |||||
CVE-2002-1867 | 1 Bizdesign | 1 Imagefolio | 2024-02-28 | 7.5 HIGH | N/A |
The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, which allows remote attackers to create an administrative account, or (2) admin/nph-build.cgi, which allows remote attackers to cause a denial of service (CPU consumption). | |||||
CVE-2004-1571 | 1 Aj-fork | 1 Aj-fork | 2024-02-28 | 5.0 MEDIUM | N/A |
AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.php, (6) disable-all-comments.php, (7) easy-date-format.php, (8) enable-disable-comments.php, (9) filter-by-author.php, (10) format-switcher.php, (11) long-to-short.php, (12) prospective-posting.php, or (13) sort-by-xfield.php, which displays the full path in an error message. | |||||
CVE-2003-1427 | 1 Netgear | 1 Fm114p | 2024-02-28 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. |