Vulnerabilities (CVE)

Total 268496 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0309 1 Hp 1 Hp-ux 2024-02-28 7.2 HIGH N/A
HP-UX vgdisplay program gives root access to local users.
CVE-2001-0400 1 Matt Tourtillott 1 Nph-maillist 2024-02-28 7.5 HIGH N/A
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.
CVE-2002-0215 1 Steve Kneizys 1 Agora.cgi 2024-02-28 5.0 MEDIUM N/A
Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.
CVE-2000-1135 1 Debian 1 Debian Linux 2024-02-28 4.6 MEDIUM N/A
fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack.
CVE-2002-0353 1 Ethereal Group 1 Ethereal 2024-02-28 5.0 MEDIUM N/A
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.
CVE-1999-1440 1 Mirabilis 1 Icq 98a 2024-02-28 5.1 MEDIUM N/A
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client.
CVE-1999-1574 1 Ibm 1 Aix 2024-02-28 7.5 HIGH N/A
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings."
CVE-1999-1014 1 Sun 2 Solaris, Sunos 2024-02-28 4.6 MEDIUM N/A
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
CVE-2003-0304 1 Oneorzero 1 Oneorzero Helpdesk 2024-02-28 10.0 HIGH N/A
one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script.
CVE-1999-0195 2 Linux, Sgi 2 Linux Kernel, Irix 2024-02-28 5.0 MEDIUM N/A
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.
CVE-2004-0190 1 Symantec 3 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r 2024-02-28 7.5 HIGH N/A
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
CVE-2004-2180 1 Wowbb 1 Wowbb Web Forum 2024-02-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the (1) country parameter to view_user.php, (2) show parameter to view_forum.php, (3) letter parameter to view_user.php, (4) highlight parameter to view_topic.php, (5) show parameter to index.php, (6) q parameter to search.php, (7) Referer header to admin.php, or the (8) user_email parameter to login.php.
CVE-2000-1163 1 Aladdin Enterprises 1 Ghostscript 2024-02-28 4.6 MEDIUM N/A
ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript.
CVE-2002-2185 6 Debian, Mandrakesoft, Microsoft and 3 more 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more 2024-02-28 4.9 MEDIUM N/A
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
CVE-2002-1782 1 University Of Washington 1 Uw-imap 2024-02-28 2.1 LOW N/A
The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
CVE-1999-0212 1 Sun 1 Sunos 2024-02-28 7.8 HIGH N/A
Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.
CVE-1999-1058 1 Arcane Software 1 Vermillion Ftp Daemon 2024-02-28 7.5 HIGH N/A
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands.
CVE-1999-1389 1 3com 1 Total Control Netserver Card 2024-02-28 7.5 HIGH N/A
US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt.
CVE-2004-1966 1 Openbb 1 Openbb 2024-02-28 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
CVE-1999-0961 1 Hp 1 Hp-ux 2024-02-28 6.2 MEDIUM N/A
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.