Total
90913 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0559 | 1 Paul Vixie | 1 Vixie Cron | 2023-12-10 | 7.2 HIGH | N/A |
| crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error. | |||||
| CVE-2000-0646 | 1 Texas Imperial Software | 1 Wftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred. | |||||
| CVE-2001-0268 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2023-12-10 | 7.2 HIGH | N/A |
| The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | |||||
| CVE-2002-0630 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets. | |||||
| CVE-2001-0513 | 1 Oracle | 1 Oracle9i | 2023-12-10 | 5.0 MEDIUM | N/A |
| Oracle listener process on Windows NT redirects connection requests to another port and creates a separate thread to process the request, which allows remote attackers to cause a denial of service by repeatedly connecting to the Oracle listener but not connecting to the redirected port. | |||||
| CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2023-12-10 | 7.5 HIGH | N/A |
| dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | |||||
| CVE-2003-1282 | 1 Ibm | 1 Net.data | 2023-12-10 | 5.0 MEDIUM | N/A |
| IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form. | |||||
| CVE-2004-1962 | 1 Protector System | 1 Protector System | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection filters by using "/**/" sequences in the targeted fields. | |||||
| CVE-2001-0088 | 1 Jason Hines | 1 Phpweblog | 2023-12-10 | 7.5 HIGH | N/A |
| common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog. | |||||
| CVE-2001-1378 | 1 Fetchmail | 1 Fetchmail | 2023-12-10 | 2.1 LOW | N/A |
| fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | |||||
| CVE-2004-2187 | 1 Mediawiki | 1 Mediawiki | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors. | |||||
| CVE-2002-2202 | 1 Microsoft | 1 Outlook Express | 2023-12-10 | 3.8 LOW | N/A |
| Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email. | |||||
| CVE-2001-0553 | 1 Ssh | 1 Secure Shell | 2023-12-10 | 7.2 HIGH | N/A |
| SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field. | |||||
| CVE-2000-1143 | 1 Recourse Technologies | 1 Mantrap | 2023-12-10 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system. | |||||
| CVE-2000-0106 | 1 Easycart | 1 Easycart | 2023-12-10 | 7.5 HIGH | N/A |
| The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2002-1007 | 1 Blackboard | 1 Blackboard | 2023-12-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi. | |||||
| CVE-1999-1516 | 1 Tenfour | 1 Tfs Gateway Smtp | 2023-12-10 | 7.5 HIGH | N/A |
| A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string. | |||||
| CVE-2001-0076 | 1 Ikonboard.com | 1 Ikonboard | 2023-12-10 | 10.0 HIGH | N/A |
| register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed. | |||||
| CVE-2004-0938 | 1 Freeradius | 1 Freeradius | 2023-12-10 | 5.0 MEDIUM | N/A |
| FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet. | |||||
| CVE-2000-0348 | 1 Sco | 1 Unixware | 2023-12-10 | 10.0 HIGH | N/A |
| A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges. | |||||