Total
266151 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1322 | 1 Xinetd | 1 Xinetd | 2024-02-28 | 3.6 LOW | N/A |
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask. | |||||
CVE-2004-2061 | 1 Risearch | 2 Risearch, Risearch Pro | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL. | |||||
CVE-2004-1124 | 1 Sco | 2 Openserver, Unixware | 2024-02-28 | 4.6 MEDIUM | N/A |
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. | |||||
CVE-2004-0152 | 1 Emil | 1 Emil | 2024-02-28 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames. | |||||
CVE-2002-1592 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information. | |||||
CVE-2000-0324 | 1 Symantec | 1 Pcanywhere | 2024-02-28 | 5.0 MEDIUM | N/A |
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. | |||||
CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2024-02-28 | 5.0 MEDIUM | N/A |
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | |||||
CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | |||||
CVE-2001-1406 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 2.1 LOW | N/A |
process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent. | |||||
CVE-1999-1362 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. | |||||
CVE-2004-1371 | 1 Oracle | 10 Application Server, Collaboration Suite, Database Server and 7 more | 2024-02-28 | 9.0 HIGH | N/A |
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure. | |||||
CVE-2002-0304 | 1 Summit Computer Networks | 1 Lil Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request. | |||||
CVE-2004-0547 | 1 Postgresql | 1 Postgresql | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash). | |||||
CVE-2000-0987 | 1 Oracle | 2 Internet Directory, Oracle8i | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter. | |||||
CVE-2004-1186 | 1 Gnu | 1 Enscript | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash). | |||||
CVE-2003-1527 | 2 Ibm, Iss | 2 Internet Security Systems Blackice Defender, Blackice Server Protection | 2024-02-28 | 4.3 MEDIUM | N/A |
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
CVE-2004-1704 | 1 Wire Plastic Design | 1 Wpquiz | 2024-02-28 | 7.5 HIGH | N/A |
WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras directory. | |||||
CVE-2004-2153 | 1 Real Estate Management Software | 1 Real Estate Management Software | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors. | |||||
CVE-2002-1677 | 1 Mrtg | 1 Mrtgconfig | 2024-02-28 | 5.0 MEDIUM | N/A |
14all.cgi 1.1p15 in mrtgconfig allows remote attackers to determine the physical path to the web root directory via a request with an invalid cfg parameter, which generates an error message that reveals the path. | |||||
CVE-1999-1266 | 1 Metamail Corporation | 1 Metamail | 2024-02-28 | 5.0 MEDIUM | N/A |
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. |