Total
266775 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1384 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. | |||||
CVE-2002-0261 | 1 Instantservers Inc. | 1 Miniportal | 2024-02-28 | 7.5 HIGH | N/A |
Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command. | |||||
CVE-2000-0489 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-02-28 | 2.1 LOW | N/A |
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers. | |||||
CVE-2004-2085 | 1 Brad Fears | 1 Phpcodecabinet | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) the sid parameter to comments.php, (2) the cid, cf, or rfd parameters to category.php, or the cid parameter to (3) input.php, (4) browse.php, (5) themes/facade/header.php, or (6) themes/phpcc/header.php. | |||||
CVE-2004-1200 | 1 Mozilla | 1 Firefox | 2024-02-28 | 5.0 MEDIUM | N/A |
Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | |||||
CVE-2001-0946 | 1 Redhat | 1 Linux | 2024-02-28 | 3.6 LOW | N/A |
apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins. | |||||
CVE-2004-1238 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2004. Notes: none | |||||
CVE-1999-0334 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. | |||||
CVE-2000-0012 | 1 Hughes | 1 Msql | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands. | |||||
CVE-2000-0558 | 1 Hp | 1 Openview Network Node Manager | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345. | |||||
CVE-2000-0974 | 1 Gnu | 1 Privacy Guard | 2024-02-28 | 7.5 HIGH | N/A |
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. | |||||
CVE-2002-0771 | 1 Viewcvs | 1 Viewcvs | 2024-02-28 | 6.4 MEDIUM | N/A |
Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters. | |||||
CVE-2000-0151 | 1 Gnu | 1 Make | 2024-02-28 | 6.2 MEDIUM | N/A |
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. | |||||
CVE-2000-0697 | 1 Sun | 1 Solaris Answerbook2 | 2024-02-28 | 10.0 HIGH | N/A |
The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters. | |||||
CVE-2002-1834 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2024-02-28 | 6.4 MEDIUM | N/A |
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history. | |||||
CVE-1999-0889 | 1 Cisco | 1 675 Router | 2024-02-28 | 7.5 HIGH | N/A |
Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set. | |||||
CVE-1999-1032 | 1 Digital | 1 Ultrix | 2024-02-28 | 10.0 HIGH | N/A |
Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges. | |||||
CVE-2004-0796 | 1 Spamassassin | 1 Spamassassin | 2024-02-28 | 5.0 MEDIUM | N/A |
SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages. | |||||
CVE-2000-0306 | 1 Sco | 1 Openserver | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message. | |||||
CVE-2002-0600 | 2 Kth, Luke Mewburn | 2 Kth Kerberos, Lukemftp | 2024-02-28 | 7.5 HIGH | N/A |
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request. |