Total
266147 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1039 | 1 Sgi | 1 Irix | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise. | |||||
CVE-2000-0816 | 1 Redhat | 1 Linux | 2024-02-28 | 2.1 LOW | N/A |
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters. | |||||
CVE-2004-2100 | 1 Geovision | 1 Geohttpserver | 2024-02-28 | 5.0 MEDIUM | N/A |
GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines). | |||||
CVE-2003-1052 | 1 Ibm | 2 Db2, Db2 Universal Database | 2024-02-28 | 7.2 HIGH | N/A |
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. | |||||
CVE-1999-1191 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. | |||||
CVE-1999-0930 | 1 Matt Wright | 1 Wwwboard | 2024-02-28 | 5.0 MEDIUM | N/A |
wwwboard allows a remote attacker to delete message board articles via a malformed argument. | |||||
CVE-2001-0797 | 5 Hp, Ibm, Sco and 2 more | 6 Hp-ux, Aix, Openserver and 3 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. | |||||
CVE-2003-1073 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 1.2 LOW | N/A |
A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place. | |||||
CVE-1999-0824 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 4.6 MEDIUM | N/A |
A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. | |||||
CVE-2003-1068 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082. | |||||
CVE-2003-1029 | 1 Lbl | 1 Tcpdump | 2024-02-28 | 5.0 MEDIUM | N/A |
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets. | |||||
CVE-2002-1283 | 1 Novell | 1 Emframe | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of service via an authentication request with a long Distinguished Name (DN) attribute. | |||||
CVE-2003-0343 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2024-02-28 | 4.6 MEDIUM | N/A |
BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "Account does not exist" error message when an invalid username is entered, which makes it easier for remote attackers to conduct brute force attacks. | |||||
CVE-2002-1210 | 1 Qualcomm | 1 Eudora | 2024-02-28 | 5.0 MEDIUM | N/A |
Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context. | |||||
CVE-2002-1918 | 1 Microsoft | 1 Data Access Components | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. | |||||
CVE-2002-0293 | 1 Alcatel-lucent | 1 Omnipcx | 2024-02-28 | 6.2 MEDIUM | N/A |
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file. | |||||
CVE-2000-0236 | 1 Netscape | 1 Enterprise Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. | |||||
CVE-2003-1344 | 1 Trend Micro | 1 Virus Control System | 2024-02-28 | 5.0 MEDIUM | N/A |
Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. | |||||
CVE-2001-1466 | 1 Van Dyke Technologies | 1 Securecrt | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | |||||
CVE-2004-0543 | 1 Oracle | 2 Applications, E-business Suite | 2024-02-28 | 10.0 HIGH | N/A |
Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries. |