Total
266685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0117 | 4 Immunix, Mandrakesoft, Redhat and 1 more | 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2024-02-28 | 1.2 LOW | N/A |
| sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. | |||||
| CVE-2002-1951 | 1 Goahead Software | 1 Goahead Webserver | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. | |||||
| CVE-2002-1972 | 1 Sebastian Dehne | 1 Pp Powerswitch | 2024-02-28 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports. | |||||
| CVE-2002-0480 | 1 Iss | 1 Realsecure Nokia | 2024-02-28 | 10.0 HIGH | N/A |
| ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation. | |||||
| CVE-2002-1051 | 1 Ehud Gavron | 1 Tracesroute | 2024-02-28 | 4.6 MEDIUM | N/A |
| Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument. | |||||
| CVE-2004-1416 | 2 Microsoft, Realnetworks | 2 Internet Explorer, Realone Player | 2024-02-28 | 5.1 MEDIUM | N/A |
| pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | |||||
| CVE-2002-2276 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2024-02-28 | 5.0 MEDIUM | N/A |
| Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error message. | |||||
| CVE-2003-0142 | 1 Adobe | 1 Acrobat Reader | 2024-02-28 | 5.0 MEDIUM | N/A |
| Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function. | |||||
| CVE-2001-1220 | 1 D-link | 1 Dwl-1000ap | 2024-02-28 | 10.0 HIGH | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. | |||||
| CVE-2001-0796 | 2 Freebsd, Sgi | 2 Freebsd, Irix | 2024-02-28 | 5.0 MEDIUM | N/A |
| SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. | |||||
| CVE-2003-0274 | 1 Cren | 1 Listproc | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. | |||||
| CVE-1999-0755 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. | |||||
| CVE-2000-0767 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 2.6 LOW | N/A |
| The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability. | |||||
| CVE-2004-0016 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-28 | 7.5 HIGH | N/A |
| The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files. | |||||
| CVE-2003-1354 | 1 Gamespy3d | 1 Gamespy 3d | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942. | |||||
| CVE-2004-1808 | 1 Metamail Corporation | 1 Metamail | 2024-02-28 | 2.1 LOW | N/A |
| Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2000-1176 | 1 Yabb | 1 Yabb | 2024-02-28 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field. | |||||
| CVE-2003-0450 | 1 Cistron | 1 Radius Daemon | 2024-02-28 | 7.5 HIGH | N/A |
| Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buffer overflow. | |||||
| CVE-2003-0631 | 1 Vmware | 2 Gsx Server, Workstation | 2024-02-28 | 7.2 HIGH | N/A |
| VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. | |||||
| CVE-2004-0254 | 1 Crosscom Olicom | 1 Discuz | 2024-02-28 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag. | |||||