Total
90717 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0822 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. | |||||
| CVE-2004-0490 | 1 Cpanel | 1 Cpanel | 2023-12-10 | 7.2 HIGH | N/A |
| cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529. | |||||
| CVE-2000-0993 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2023-12-10 | 7.2 HIGH | N/A |
| Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | |||||
| CVE-2000-0204 | 1 Trend Micro | 1 Officescan | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%. | |||||
| CVE-2002-2123 | 1 Gallery Project | 1 Gallery | 2023-12-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter. | |||||
| CVE-2001-0794 | 1 A-ftp | 1 Anonymous Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER command. | |||||
| CVE-2000-0537 | 1 Tolis Group | 1 Bru | 2023-12-10 | 7.2 HIGH | N/A |
| BRU backup software allows local users to append data to arbitrary files by specifying an alternate configuration file with the BRUEXECLOG environmental variable. | |||||
| CVE-2002-0652 | 1 Sgi | 1 Irix | 2023-12-10 | 7.5 HIGH | N/A |
| xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs(). | |||||
| CVE-2003-1060 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 5.0 MEDIUM | N/A |
| The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference. | |||||
| CVE-2003-0363 | 1 Licq | 1 Licq | 2023-12-10 | 7.5 HIGH | N/A |
| Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers. | |||||
| CVE-2002-1673 | 1 Webmin | 1 Webmin | 2023-12-10 | 3.6 LOW | N/A |
| The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file. | |||||
| CVE-2002-0147 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun." | |||||
| CVE-2002-1868 | 1 Daniel Stenberg | 1 Dispair | 2023-12-10 | 10.0 HIGH | N/A |
| Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields. | |||||
| CVE-2002-2420 | 1 Independent Solution | 2 Simple Site Searcher, Super Site Searcher | 2023-12-10 | 7.5 HIGH | N/A |
| site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | |||||
| CVE-2002-0233 | 1 Eshare Communications Inc. | 1 Eshare Expressions | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in eshare Expressions 4 Web server allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | |||||
| CVE-2001-1448 | 1 Magic | 1 Edeveloper | 2023-12-10 | 4.6 MEDIUM | N/A |
| Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts. | |||||
| CVE-2004-0255 | 1 Xlight Ftp Server | 1 Xlight Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow. | |||||
| CVE-2001-1327 | 1 Berkeley Softworks | 1 Pmake | 2023-12-10 | 4.6 MEDIUM | N/A |
| pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake. | |||||
| CVE-2001-0905 | 1 Procmail | 1 Procmail | 2023-12-10 | 6.2 MEDIUM | N/A |
| Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running. | |||||
| CVE-2003-1374 | 1 Hp | 1 Hp-ux | 2023-12-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. | |||||