Total
266684 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1224 | 1 Kde | 1 Kde | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter. | |||||
| CVE-1999-1155 | 1 Lakeweb | 1 Mail List Cgi Script | 2024-02-28 | 7.5 HIGH | N/A |
| LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
| CVE-2000-1042 | 1 Mandrakesoft | 1 Mandrake Linux | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | |||||
| CVE-2004-0107 | 3 Redhat, Sgi, Sysstat | 3 Sysstat, Propack, Sysstat | 2024-02-28 | 4.6 MEDIUM | N/A |
| The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108. | |||||
| CVE-2004-0600 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | |||||
| CVE-2002-0104 | 1 Aftpd | 1 Aftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
| AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump. | |||||
| CVE-2000-0427 | 1 Aladdin Knowledge Systems | 1 Etoken | 2024-02-28 | 4.6 MEDIUM | N/A |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | |||||
| CVE-2002-0121 | 1 Php | 1 Php | 2024-02-28 | 2.1 LOW | N/A |
| PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections. | |||||
| CVE-2003-0645 | 1 Andries Brouwer | 1 Man | 2024-02-28 | 4.6 MEDIUM | N/A |
| man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges. | |||||
| CVE-2002-2401 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2024-02-28 | 3.6 LOW | N/A |
| NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. | |||||
| CVE-2002-1308 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2024-02-28 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression. | |||||
| CVE-2003-1315 | 1 Neocrome | 1 Land Down Under | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. | |||||
| CVE-2002-2343 | 1 Nocc | 1 Nocc | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages. | |||||
| CVE-2002-0436 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 10.0 HIGH | N/A |
| sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. | |||||
| CVE-1999-1110 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
| Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client. | |||||
| CVE-2002-0083 | 9 Conectiva, Engardelinux, Immunix and 6 more | 11 Linux, Secure Linux, Immunix and 8 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. | |||||
| CVE-2003-0895 | 1 Apple | 1 Mac Os X | 2024-02-28 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]). | |||||
| CVE-1999-1034 | 1 Att | 1 Svr4 | 2024-02-28 | 7.2 HIGH | N/A |
| Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges. | |||||
| CVE-2002-1348 | 1 W3m | 1 W3m | 2024-02-28 | 5.0 MEDIUM | N/A |
| w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | |||||
| CVE-2002-2237 | 1 Tftp | 1 Tftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux. | |||||