Vulnerabilities (CVE)

Total 267711 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-0963 4 Freebsd, Gnu, Immunix and 1 more 4 Freebsd, Ncurses, Immunix and 1 more 2024-02-28 7.2 HIGH N/A
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
CVE-2003-1553 1 Sips 1 Sips 2024-02-28 4.3 MEDIUM N/A
Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory.
CVE-2002-0276 1 Ettercap 1 Ettercap 2024-02-28 7.5 HIGH N/A
Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.
CVE-2002-0268 1 Identix 1 Biologon 2024-02-28 7.2 HIGH N/A
Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges.
CVE-1999-0353 1 Hp 1 Hp-ux 2024-02-28 9.3 HIGH N/A
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
CVE-2001-1265 1 Ibm 1 Alphaworks Tftp Server 2024-02-28 7.5 HIGH N/A
Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack.
CVE-2003-0614 1 Gallery Project 1 Gallery 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
CVE-2002-1444 2 Google, Microsoft 2 Toolbar, Internet Explorer 2024-02-28 2.6 LOW N/A
The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function.
CVE-2002-1742 1 Paul Kulchenko 1 Soap Lite 2024-02-28 5.0 MEDIUM N/A
SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger.
CVE-2001-0487 1 Ibm 1 Aix Snmp 2024-02-28 5.0 MEDIUM N/A
AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection.
CVE-2023-6837 1 Wso2 3 Api Manager, Identity Server, Identity Server As Key Manager 2024-01-05 N/A 8.2 HIGH
Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. In order for this vulnerability to have any impact on your deployment, following conditions must be met: * An IDP configured for federated authentication and JIT provisioning enabled with the "Prompt for username, password and consent" option. * A service provider that uses the above IDP for federated authentication and has the "Assert identity using mapped local subject identifier" flag enabled. Attacker should have: * A fresh valid user account in the federated IDP that has not been used earlier. * Knowledge of the username of a valid user in the local IDP. When all preconditions are met, a malicious actor could use JIT provisioning flow to perform user impersonation.