Total
266742 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1079 | 1 Ibm | 1 Aix | 2024-02-28 | 4.6 MEDIUM | N/A |
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. | |||||
CVE-2000-1180 | 1 Oracle | 1 Oracle8i | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument. | |||||
CVE-2002-0286 | 1 Sitenews | 1 Sitenews | 2024-02-28 | 7.5 HIGH | N/A |
The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user. | |||||
CVE-1999-1559 | 1 Alcatel | 1 Omniswitch | 2024-02-28 | 5.0 MEDIUM | N/A |
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time. | |||||
CVE-2004-0620 | 1 Jelsoft | 1 Vbulletin | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1 allows remote attackers to inject arbitrary HTML or script as other users via the Edit-panel. | |||||
CVE-2000-0552 | 1 Icq | 1 Icq | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information. | |||||
CVE-2004-1623 | 1 Microsoft | 1 Windows Xp | 2024-02-28 | 5.0 MEDIUM | N/A |
The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF. | |||||
CVE-2002-0479 | 1 Gravity Storm Software | 1 Service Pack Manager 2000 | 2024-02-28 | 7.2 HIGH | N/A |
Gravity Storm Service Pack Manager 2000 creates a hidden share (SPM2000c$) mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share. | |||||
CVE-2004-1652 | 1 Brickhost | 1 Phpscheduleit | 2024-02-28 | 7.5 HIGH | N/A |
phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges. | |||||
CVE-2000-0115 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | N/A |
IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page. | |||||
CVE-2000-0083 | 1 Hp | 1 Hp-ux | 2024-02-28 | 4.6 MEDIUM | N/A |
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | |||||
CVE-2000-0336 | 4 Mandrakesoft, Openldap, Redhat and 1 more | 4 Mandrake Linux, Openldap, Linux and 1 more | 2024-02-28 | 2.1 LOW | N/A |
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. | |||||
CVE-2000-0519 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 2.6 LOW | N/A |
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. | |||||
CVE-1999-0019 | 7 Data General, Ibm, Ncr and 4 more | 10 Dg Ux, Aix, Mp-ras and 7 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Delete or create a file via rpc.statd, due to invalid information. | |||||
CVE-2004-0126 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 4.6 MEDIUM | N/A |
The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail. | |||||
CVE-2004-2024 | 1 Zen Cart | 1 Zen Cart | 2024-02-28 | 7.5 HIGH | N/A |
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. | |||||
CVE-2000-0135 | 1 Atretail | 1 Atretail | 2024-02-28 | 7.5 HIGH | N/A |
The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2001-0585 | 1 Gordano | 1 Ntmail | 2024-02-28 | 5.0 MEDIUM | N/A |
Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000. | |||||
CVE-1999-0938 | 1 University College London | 1 Sdr | 2024-02-28 | 7.5 HIGH | N/A |
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. | |||||
CVE-1999-0251 | 1 Talkd | 1 Talkd | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in talk program allows remote attackers to disrupt a user's display. |