Total
266768 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0616 | 1 Bt | 1 Voyager 2000 Wireless Adsl Router | 2024-02-28 | 5.0 MEDIUM | N/A |
The BT Voyager 2000 Wireless ADSL Router has a default public SNMP community name, which allows remote attackers to obtain sensitive information such as the password, which is stored in plaintext. | |||||
CVE-2003-0794 | 1 Gnome | 1 Gdm | 2024-02-28 | 2.1 LOW | N/A |
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results. | |||||
CVE-2002-0212 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-28 | 7.5 HIGH | N/A |
The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack. | |||||
CVE-2004-1860 | 1 Xmb Forum | 1 Xmb | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker. | |||||
CVE-2004-0067 | 1 Phpgedview | 1 Phpgedview | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. NOTE: some aspects of vector 10 were later reported to affect 4.1. | |||||
CVE-2001-1529 | 1 Ibm | 1 Aix | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779. | |||||
CVE-2002-1551 | 1 Ibm | 1 Aix | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code. | |||||
CVE-1999-0363 | 2 Plp, Suse | 2 Line Printer Control, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. | |||||
CVE-2002-1266 | 1 Apple | 1 Mac Os X | 2024-02-28 | 4.6 MEDIUM | N/A |
Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File." | |||||
CVE-1999-0927 | 1 Gordano | 1 Ntmail | 2024-02-28 | 5.0 MEDIUM | N/A |
NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2004-1871 | 1 Photopost | 1 Photopost Php Pro | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ppuser, (2) password, (3) stype, (4) perpage, (5) sort, (6) page, (7) si, or (8) cat parameters to showmembers.php, or the (9) photo name, (10) photo description, (11) album name, or (12) album description fields. | |||||
CVE-2002-2292 | 1 Halycon Software | 1 Iasp | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095. | |||||
CVE-2003-0573 | 1 Sgi | 1 Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. | |||||
CVE-2002-0652 | 1 Sgi | 1 Irix | 2024-02-28 | 7.5 HIGH | N/A |
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs(). | |||||
CVE-2001-0952 | 1 Volition | 1 Red Faction | 2024-02-28 | 5.0 MEDIUM | N/A |
THQ Volition Red Faction Game allows remote attackers to cause a denial of service (hang) of a client or server via packets to UDP port 7755. | |||||
CVE-2003-0532 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 7.5 HIGH | N/A |
Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability. | |||||
CVE-2003-0473 | 1 Sgi | 1 Irix | 2024-02-28 | 10.0 HIGH | N/A |
Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications. | |||||
CVE-2001-0978 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.5 HIGH | N/A |
login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program. | |||||
CVE-2000-0698 | 1 Minicom | 1 Minicom | 2024-02-28 | 5.0 MEDIUM | N/A |
Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack. | |||||
CVE-2001-0120 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-02-28 | 1.2 LOW | N/A |
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. |