Total
266249 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1107 | 1 Cisco | 1 Vpn Client | 2024-02-28 | 7.5 HIGH | N/A |
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing. | |||||
CVE-2002-0679 | 6 Caldera, Compaq, Hp and 3 more | 8 Openunix, Unixware, Tru64 and 5 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. | |||||
CVE-2002-0412 | 1 Luca Deri | 1 Ntop | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication. | |||||
CVE-2003-1528 | 1 Fujitsu | 1 Siemens Networker | 2024-02-28 | 7.2 HIGH | N/A |
nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file. | |||||
CVE-2004-0695 | 1 4d | 1 Webstar | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command. | |||||
CVE-2003-0248 | 1 Redhat | 1 Linux | 2024-02-28 | 10.0 HIGH | N/A |
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. | |||||
CVE-2004-2011 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 2.6 LOW | N/A |
msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI. | |||||
CVE-1999-1277 | 1 Backweb Technologies | 1 Backweb Client | 2024-02-28 | 4.6 MEDIUM | N/A |
BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password. | |||||
CVE-1999-0711 | 1 Oracle | 1 Oracle8i | 2024-02-28 | 4.6 MEDIUM | N/A |
The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. | |||||
CVE-2002-0257 | 2 Apache, Usanet Creations | 2 Http Server, Makebid Auction Deluxe | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4. | |||||
CVE-2001-1174 | 1 Elm Development Group | 1 Elm | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header. | |||||
CVE-2001-0124 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. | |||||
CVE-2002-1545 | 1 Cooolsoft | 1 Personal Ftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response. | |||||
CVE-2003-0074 | 1 Plptools | 1 Plptools | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog. | |||||
CVE-1999-1214 | 5 Bsd, Freebsd, Netbsd and 2 more | 5 Bsd, Freebsd, Netbsd and 2 more | 2024-02-28 | 2.1 LOW | N/A |
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | |||||
CVE-2003-0609 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. | |||||
CVE-2003-0621 | 1 Bea | 2 Tuxedo, Weblogic Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument. | |||||
CVE-2001-0956 | 1 Speechio | 1 Speechd | 2024-02-28 | 7.2 HIGH | N/A |
speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-1999-0243 | 2024-02-28 | 10.0 HIGH | N/A | ||
Linux cfingerd could be exploited to gain root access. | |||||
CVE-2001-1100 | 1 Spencer Miles | 1 W3mail | 2024-02-28 | 7.5 HIGH | N/A |
sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page. |