Total
266768 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1316 | 1 Endonesia | 1 Endonesia | 2024-02-28 | 5.0 MEDIUM | N/A |
| mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-1999-0410 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
| The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. | |||||
| CVE-2004-0157 | 1 Xonix | 1 Xonix | 2024-02-28 | 4.6 MEDIUM | N/A |
| x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program. | |||||
| CVE-2003-0565 | 2024-02-28 | 5.0 MEDIUM | N/A | ||
| Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | |||||
| CVE-1999-0047 | 3 Bsdi, Caldera, Eric Allman | 3 Bsd Os, Openlinux, Sendmail | 2024-02-28 | 10.0 HIGH | N/A |
| MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | |||||
| CVE-2001-0855 | 1 Rational Software | 1 Clearcase | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable. | |||||
| CVE-2003-0395 | 1 Myupb | 1 Ultimate Php Board | 2024-02-28 | 7.5 HIGH | N/A |
| Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_iplog.php. | |||||
| CVE-2004-2109 | 1 Quadcomm | 1 Q-shop | 2024-02-28 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) imagezoom.asp or (2) recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL. | |||||
| CVE-2002-1486 | 1 Cerulean Studios | 1 Trillian | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server. | |||||
| CVE-2000-0330 | 1 Microsoft | 2 Windows 95, Windows 98 | 2024-02-28 | 7.6 HIGH | N/A |
| The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability. | |||||
| CVE-1999-1305 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
| Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
| CVE-2004-0800 | 2 Avaya, Sun | 4 Call Management System Server, Dtmail, Solaris and 1 more | 2024-02-28 | 4.6 MEDIUM | N/A |
| Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value. | |||||
| CVE-2002-1558 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-28 | 10.0 HIGH | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet. | |||||
| CVE-2003-0291 | 1 3com | 1 3cp4144 | 2024-02-28 | 5.0 MEDIUM | N/A |
| 3com OfficeConnect Remote 812 ADSL Router 1.1.7 does not properly clear memory from DHCP responses, which allows remote attackers to identify the contents of previous HTTP requests by sniffing DHCP packets. | |||||
| CVE-1999-1489 | 1 Slackware | 1 Slackware Linux | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument. | |||||
| CVE-2002-1874 | 1 Astrocam | 1 Astrocam | 2024-02-28 | 10.0 HIGH | N/A |
| astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect. | |||||
| CVE-2002-0924 | 1 Cgiscript.net | 1 Csnews | 2024-02-28 | 7.5 HIGH | N/A |
| CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability. | |||||
| CVE-2002-1761 | 1 Phprojekt | 1 Phprojekt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences. | |||||
| CVE-2004-1555 | 1 Broadboard Instant | 1 Asp Message Board | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp. | |||||
| CVE-2001-0222 | 1 Webmin | 1 Webmin | 2024-02-28 | 1.2 LOW | N/A |
| webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | |||||