Total
266766 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1329 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. | |||||
CVE-1999-0846 | 1 Deerfield | 1 Mdaemon | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in MDaemon 2.7 via a large number of connection attempts. | |||||
CVE-2004-0428 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. | |||||
CVE-2004-2037 | 1 Mollensoft Software | 1 Lightweight Ftp Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long CWD command, as demonstrated in one example by using the "cd" command in an interactive FTP client. | |||||
CVE-2004-0752 | 1 Openoffice | 1 Openoffice | 2024-02-28 | 2.1 LOW | N/A |
OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users. | |||||
CVE-1999-0295 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. | |||||
CVE-1999-1406 | 1 Redhat | 1 Linux | 2024-02-28 | 2.1 LOW | N/A |
dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel. | |||||
CVE-2001-0245 | 1 Microsoft | 2 Index Server, Indexing Service | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability. | |||||
CVE-2000-0922 | 1 Bytes Interactive | 1 Web Shopper | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter. | |||||
CVE-2001-0059 | 1 Sun | 1 Sunos | 2024-02-28 | 6.2 MEDIUM | N/A |
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2002-2132 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2024-02-28 | 2.1 LOW | N/A |
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. | |||||
CVE-2002-2003 | 1 Compaq | 1 Tru64 | 2024-02-28 | 5.0 MEDIUM | N/A |
ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap. | |||||
CVE-2002-0327 | 1 Century Software | 1 Term | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program. | |||||
CVE-1999-1126 | 1 Cisco | 1 Resource Manager | 2024-02-28 | 2.1 LOW | N/A |
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". | |||||
CVE-2000-0455 | 1 David Bagley | 1 Xlock | 2024-02-28 | 2.1 LOW | N/A |
Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. | |||||
CVE-2004-0610 | 1 Microsoft | 1 Mn-500 Wireless Base Station | 2024-02-28 | 5.0 MEDIUM | N/A |
The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service (connection refusal) via a large number of open HTTP connections. | |||||
CVE-2004-1568 | 1 Parachat | 1 Parachat Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (hex-encoded dot dot) in the URL. | |||||
CVE-1999-0311 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
fpkg2swpk in HP-UX allows local users to gain root access. | |||||
CVE-2000-0128 | 1 Daniel Beckham | 1 The Finger Server | 2024-02-28 | 10.0 HIGH | N/A |
The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters. | |||||
CVE-1999-1049 | 1 Broadcom | 1 Arcserve Backup | 2024-02-28 | 10.0 HIGH | N/A |
ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. |