Total
266102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0609 | 1 Netwin | 2 Cwmail, Dmailweb | 2024-02-28 | 5.0 MEDIUM | N/A |
| NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter. | |||||
| CVE-1999-1371 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. | |||||
| CVE-1999-0138 | 7 Apple, Digital, Freebsd and 4 more | 9 A Ux, Osf 1, Freebsd and 6 more | 2024-02-28 | 7.2 HIGH | N/A |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||||
| CVE-2001-1241 | 1 Steve Grimm | 1 Un-cgi | 2024-02-28 | 7.5 HIGH | N/A |
| Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name. | |||||
| CVE-2002-2035 | 1 Realityscape | 1 Mylogin 2000 | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password in the login form. | |||||
| CVE-2002-1944 | 1 Motorola | 1 Surfboard | 2024-02-28 | 5.0 MEDIUM | N/A |
| Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service (crash) by performing a SYN scan using a tool such as nmap. | |||||
| CVE-2000-0137 | 1 Cartit | 1 Cartit | 2024-02-28 | 7.5 HIGH | N/A |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-1999-1365 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
| Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. | |||||
| CVE-1999-1439 | 1 Gcc | 1 Gcc | 2024-02-28 | 2.1 LOW | N/A |
| gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files. | |||||
| CVE-2000-0746 | 1 Microsoft | 3 Frontpage, Internet Information Server, Internet Information Services | 2024-02-28 | 7.5 HIGH | N/A |
| Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities. | |||||
| CVE-2003-0109 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. | |||||
| CVE-1999-0605 | 1 Austin Contract Computing | 1 Merchant Order Form | 2024-02-28 | 5.0 MEDIUM | N/A |
| An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information. | |||||
| CVE-2002-0153 | 1 Microsoft | 1 Ie | 2024-02-28 | 7.5 HIGH | N/A |
| Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability. | |||||
| CVE-2004-0951 | 1 Hp | 1 Ignite-ux | 2024-02-28 | 7.5 HIGH | N/A |
| The make_recovery command for the TFTP server in HP Ignite-UX before C.6.2.241 makes a copy of the password file in the TFTP directory tree, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2004-0017 | 1 Phpgroupware | 1 Phpgroupware | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations. | |||||
| CVE-2001-0272 | 1 W3.org | 1 Sendtemp.pl | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter. | |||||
| CVE-2002-1093 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2024-02-28 | 5.0 MEDIUM | N/A |
| HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request. | |||||
| CVE-2004-0369 | 2 Entrust, Symantec | 5 Entrust Libkmp Isakmp Library, Enterprise Firewall, Gateway Security 5300 and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. | |||||
| CVE-2002-0747 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in lsmcode in AIX 4.3.3. | |||||
| CVE-1999-0072 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in AIX xdat gives root access to local users. | |||||