Total
90884 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0077 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability. | |||||
CVE-2003-1264 | 2 D-link, Longshine Technologie | 2 Di-614\+, Longshine Wireless Ethernet Access Point | 2023-12-10 | 5.0 MEDIUM | N/A |
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication. | |||||
CVE-1999-1425 | 1 Sun | 1 Solstice Adminsuite | 2023-12-10 | 6.2 MEDIUM | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd. | |||||
CVE-2000-0863 | 1 Listmanager | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in listmanager earlier than 2.105.1 allows local users to gain additional privileges. | |||||
CVE-1999-0463 | 1 L0pht | 1 L0phtcrack | 2023-12-10 | 5.0 MEDIUM | N/A |
Remote attackers can perform a denial of service using IRIX fcagent. | |||||
CVE-2003-1545 | 2 Nukestyles, Phpnuke | 2 Viewpage, Nukestyles Viewpage Module | 2023-12-10 | 5.0 MEDIUM | N/A |
Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addon. | |||||
CVE-2003-1438 | 1 Bea | 1 Weblogic Server | 2023-12-10 | 4.3 MEDIUM | N/A |
Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, when using in-memory session replication or replicated stateful session beans, causes the same buffer to be provided to two users, which could allow one user to see session data that was intended for another user. | |||||
CVE-1999-0744 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request. | |||||
CVE-2002-1593 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module. | |||||
CVE-2003-0362 | 1 Debian | 1 Debian Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. | |||||
CVE-2002-0930 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. | |||||
CVE-2004-0304 | 1 Webcortex | 1 Webstores 2000 | 2023-12-10 | 10.0 HIGH | N/A |
SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter. | |||||
CVE-1999-1185 | 1 Sco | 5 Cmw, Internet Faststart, Open Desktop and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file. | |||||
CVE-2004-1088 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information. | |||||
CVE-2003-0280 | 1 Youngzsoft | 1 Cmailserver | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. | |||||
CVE-2001-1173 | 1 Masqmail | 1 Masqmail | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in MasqMail before 0.1.15 allows local users to gain privileges via piped aliases. | |||||
CVE-2002-1469 | 1 Scponly | 1 Scponly | 2023-12-10 | 7.5 HIGH | N/A |
scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs. | |||||
CVE-2001-1348 | 1 Twig Development Team | 1 Twig | 2023-12-10 | 7.5 HIGH | N/A |
TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter. | |||||
CVE-2001-0544 | 1 Microsoft | 1 Internet Information Services | 2023-12-10 | 2.1 LOW | N/A |
IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table. | |||||
CVE-2004-0047 | 1 Yamamoto Hirotaka | 1 Trr19 | 2023-12-10 | 4.6 MEDIUM | N/A |
Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, which could allow local users to gain privileges. |