Total
265933 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0204 | 1 Eric Allman | 1 Sendmail | 2024-02-28 | 10.0 HIGH | N/A |
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. | |||||
CVE-2003-0696 | 1 Ibm | 1 Aix | 2024-02-28 | 5.0 MEDIUM | N/A |
The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows attackers to cause a denial of service (resource exhaustion). | |||||
CVE-2002-1100 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface. | |||||
CVE-2003-0906 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2024-02-28 | 7.6 HIGH | N/A |
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. | |||||
CVE-2004-0047 | 1 Yamamoto Hirotaka | 1 Trr19 | 2024-02-28 | 4.6 MEDIUM | N/A |
Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, which could allow local users to gain privileges. | |||||
CVE-1999-1360 | 1 Microsoft | 1 Windows Nt | 2024-02-28 | 2.1 LOW | N/A |
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle. | |||||
CVE-2001-0412 | 1 Cisco | 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 | 2024-02-28 | 7.2 HIGH | N/A |
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | |||||
CVE-2002-0651 | 1 Isc | 1 Bind | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | |||||
CVE-2002-2335 | 1 John Drake | 1 Killer Protection | 2024-02-28 | 5.0 MEDIUM | N/A |
Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php. | |||||
CVE-2004-0395 | 1 Gatos | 1 Gatos | 2024-02-28 | 7.2 HIGH | N/A |
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call. | |||||
CVE-2000-1054 | 1 Cisco | 1 Secure Access Control Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet. | |||||
CVE-1999-0304 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
mmap function in BSD allows local attackers in the kmem group to modify memory through devices. | |||||
CVE-1999-1296 | 1 Mit | 1 Kerberos 5 | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable. | |||||
CVE-2002-2046 | 1 Xqus | 1 X-news | 2024-02-28 | 7.5 HIGH | N/A |
x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie. | |||||
CVE-2003-0127 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | |||||
CVE-2002-2376 | 1 Leung | 1 E-guest | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homepage, and (4) location parameters. NOTE: this issue might overlap CVE-2005-1605. | |||||
CVE-2000-0711 | 2 Microsoft, Netscape | 2 Virtual Machine, Communicator | 2024-02-28 | 7.5 HIGH | N/A |
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. | |||||
CVE-2004-2012 | 3 Netbsd, Niels, Vladimir Kotal | 3 Netbsd, Provos Systrace, Systrace Port For Freebsd | 2024-02-28 | 7.2 HIGH | N/A |
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges. | |||||
CVE-2004-1445 | 1 Nessus | 1 Nessus | 2024-02-28 | 3.7 LOW | N/A |
A race condition in nessus-adduser in Nessus 2.0.11 and possibly earlier versions, if the TMPDIR environment variable is not set, allows local users to gain privileges. | |||||
CVE-2001-1309 | 1 Ibm | 1 Secureway Directory | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. |