Total: 266088 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1120 | 1 Sgi | 1 Irix | 2024-02-28 | 4.6 MEDIUM | N/A |
netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. | |||||
CVE-2002-0101 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released. | |||||
CVE-2002-0897 | 1 Intranet-server | 1 Localweb2000 | 2024-02-28 | 7.5 HIGH | N/A |
LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory. | |||||
CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2024-02-28 | 7.2 HIGH | N/A |
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | |||||
CVE-2002-0463 | 1 Arsc Really Simple Chat | 1 Arsc Really Simple Chat | 2024-02-28 | 5.0 MEDIUM | N/A |
home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message. | |||||
CVE-2002-2323 | 1 Sun | 1 Solaris Pc Netlink | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions. | |||||
CVE-2003-0508 | 1 Adobe | 1 Acrobat Reader | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link. | |||||
CVE-2003-0849 | 1 Gnu | 1 Cfengine | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function. | |||||
CVE-2002-0283 | 1 Microsoft | 1 Windows Xp | 2024-02-28 | 5.0 MEDIUM | N/A |
Windows XP with port 445 open allows remote attackers to cause a denial of service (CPU consumption) via a flood of TCP SYN packets containing possibly malformed data. | |||||
CVE-2002-2322 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2024-02-28 | 5.0 MEDIUM | N/A |
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords. | |||||
CVE-2004-1974 | 1 Php Arena | 1 Pafiledb | 2024-02-28 | 5.0 MEDIUM | N/A |
paFileDB 3.1 allows remote attackers to gain sensitive information via a direct request to (1) login.php, (2) category.php, (3) search.php, (4) main.php, (5) viewall.php, (6) download.php, (7) email.php, (8) file.php, (9) rate.php, or (10) stats.php, which reveals the path in an error message. | |||||
CVE-2002-0209 | 1 Nortel | 1 Alteon Acedirector | 2024-02-28 | 5.0 MEDIUM | N/A |
Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address. | |||||
CVE-2004-1718 | 1 Pedestal Software | 1 Integrity Protection Driver | 2024-02-28 | 2.1 LOW | N/A |
The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. | |||||
CVE-1999-0671 | 1 Toxsoft | 1 Nextftp | 2024-02-28 | 5.1 MEDIUM | N/A |
Buffer overflow in ToxSoft NextFTP client through CWD command. | |||||
CVE-2003-0642 | 1 Watchguard | 1 Serverlock | 2024-02-28 | 2.1 LOW | N/A |
WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local users to access kernel memory via a symlink attack on \Device\PhysicalMemory. | |||||
CVE-2002-2254 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
The experimental IP packet queuing feature in Netfilter / IPTables in Linux kernel 2.4 up to 2.4.19 and 2.5 up to 2.5.31, when a privileged process exits and network traffic is not being queued, may allow a later process with the same Process ID (PID) to access certain network traffic that would otherwise be restricted. | |||||
CVE-2004-0167 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 7.5 HIGH | N/A |
DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | |||||
CVE-2002-0040 | 1 Sgi | 1 Irix | 2024-02-28 | 2.1 LOW | N/A |
Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. | |||||
CVE-1999-0834 | 1 Rsa | 1 Rsaref | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. | |||||
CVE-2004-1436 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-28 | 7.5 HIGH | N/A |
The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters. | |||||