Total
266251 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0167 | 1 Enlightenment | 1 Imlib | 2024-02-28 | 7.5 HIGH | N/A |
Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM. | |||||
CVE-2002-1975 | 1 Sharp | 4 Zaurus Sl-5000d, Zaurus Sl-5000d Firmware, Zaurus Sl-5500 and 1 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods. | |||||
CVE-2004-2001 | 1 Sgi | 1 Irix | 2024-02-28 | 4.6 MEDIUM | N/A |
ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received. | |||||
CVE-2003-1448 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 7.8 HIGH | N/A |
Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet. | |||||
CVE-1999-1134 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. | |||||
CVE-2004-0089 | 1 Apple | 1 Mac Os X | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable. | |||||
CVE-2001-1013 | 1 Redhat | 1 Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server. | |||||
CVE-2002-1711 | 1 Basilix | 1 Basilix Webmail | 2024-02-28 | 2.1 LOW | N/A |
BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments. | |||||
CVE-1999-0332 | 1 Microsoft | 1 Netmeeting | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in NetMeeting allows denial of service and remote command execution. | |||||
CVE-2003-0034 | 1 Jean-jacques Sarton | 1 Mtink | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable. | |||||
CVE-2000-0373 | 1 Kde | 1 Kvt | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges. | |||||
CVE-2003-0670 | 1 Sustainable Softworks | 2 Ipnetmonitorx, Ipnetsentryx | 2024-02-28 | 2.1 LOW | N/A |
Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow. | |||||
CVE-2002-0574 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 5.0 MEDIUM | N/A |
Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. | |||||
CVE-2002-1702 | 1 Deltascripts | 1 Php Classifieds | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. | |||||
CVE-2000-0606 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. | |||||
CVE-1999-1509 | 1 Etype | 1 Eserv | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL. | |||||
CVE-2003-1483 | 1 Flashfxp | 1 Flashfxp | 2024-02-28 | 6.4 MEDIUM | N/A |
FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access. | |||||
CVE-2001-1324 | 1 Paul Jarc | 1 Idtools | 2024-02-28 | 4.6 MEDIUM | N/A |
cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges. | |||||
CVE-2004-0287 | 1 Xlight Ftp Server | 1 Xlight Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a RETR command with a long argument containing a large number of / (slash) characters, possibly triggering a buffer overflow. | |||||
CVE-2002-1181 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors. |