Total
268501 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1794 | 1 Vcard4j | 1 Vcard4j | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard. | |||||
CVE-2003-1356 | 1 Hp | 1 Hp-ux | 2024-02-28 | 7.2 HIGH | N/A |
The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. | |||||
CVE-2002-0429 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 3.6 LOW | N/A |
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall). | |||||
CVE-2001-0195 | 1 Debian | 1 Debian Linux | 2024-02-28 | 2.1 LOW | 7.8 HIGH |
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. | |||||
CVE-2002-2042 | 1 Qnx | 1 Rtos | 2024-02-28 | 7.2 HIGH | N/A |
ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes. | |||||
CVE-2002-1368 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2024-02-28 | 7.5 HIGH | N/A |
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. | |||||
CVE-1999-0112 | 2 Cde, Ibm | 2 Cde, Aix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in AIX dtterm program for the CDE. | |||||
CVE-2002-2301 | 1 Lawson Software | 1 Lawson Financials | 2024-02-28 | 3.3 LOW | N/A |
Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database. | |||||
CVE-2002-0373 | 1 Microsoft | 1 Windows Media Player | 2024-02-28 | 7.2 HIGH | N/A |
The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through Windows Media Device Manager Service". | |||||
CVE-1999-1458 | 1 Digital | 1 Unix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | |||||
CVE-2003-1348 | 1 Ftls | 1 Guestbook | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field. | |||||
CVE-2002-1248 | 1 Northern Solutions | 1 Xeneo Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remote attackers to cause a denial of service (crash) via a GET request for a "%" URI. | |||||
CVE-2002-1234 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0180. Reason: This candidate is a an out-of-band assignment duplicate of CVE-2002-0180. Notes: All CVE users should reference CVE-2002-0180 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-1999-0517 | 2 Hp, Sun | 2 Hp-ux, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
An SNMP community name is the default (e.g. public), null, or missing. | |||||
CVE-2002-1512 | 1 Tolis Group | 1 Bru | 2024-02-28 | 6.2 MEDIUM | N/A |
xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbru_dscheck.dd temporary file. | |||||
CVE-2001-0914 | 2 Linux, Suse | 2 Linux Kernel, Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading. | |||||
CVE-2001-0652 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. | |||||
CVE-2003-0435 | 1 Typespeed | 1 Typespeed | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code. | |||||
CVE-2003-0090 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0844. Reason: This candidate is a duplicate of CVE-2000-0844. Notes: All CVE users should reference CVE-2000-0844 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2004-0121 | 1 Microsoft | 2 Office, Outlook | 2024-02-28 | 7.5 HIGH | N/A |
Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs. |