Total
91783 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0588 | 1 Sco | 1 Openserver | 2023-12-10 | 4.6 MEDIUM | N/A |
sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | |||||
CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2023-12-10 | 1.2 LOW | N/A |
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | |||||
CVE-2003-0936 | 1 Symantec | 1 Pcanywhere | 2023-12-10 | 7.2 HIGH | N/A |
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe. | |||||
CVE-2003-1191 | 1 E107 | 1 E107 | 2023-12-10 | 5.0 MEDIUM | N/A |
chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded. | |||||
CVE-1999-1232 | 1 Sgi | 1 Irix | 2023-12-10 | 7.2 HIGH | N/A |
Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program. | |||||
CVE-1999-0424 | 1 Netscape | 1 Communicator | 2023-12-10 | 2.1 LOW | N/A |
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. | |||||
CVE-2003-1098 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.2 HIGH | N/A |
The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. | |||||
CVE-2000-0737 | 1 Microsoft | 1 Windows 2000 | 2023-12-10 | 4.6 MEDIUM | N/A |
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability. | |||||
CVE-2003-1281 | 1 Eekim | 1 Cgihtml | 2023-12-10 | 2.1 LOW | N/A |
cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. | |||||
CVE-2000-0112 | 1 Debian | 1 Debian Linux | 2023-12-10 | 7.2 HIGH | N/A |
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation. | |||||
CVE-2002-2289 | 1 Working Resources Inc. | 1 Badblue | 2023-12-10 | 5.0 MEDIUM | N/A |
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords. | |||||
CVE-1999-0588 | 2023-12-10 | 7.5 HIGH | N/A | ||
A filter in a router or firewall allows unusual fragmented packets. | |||||
CVE-2003-0962 | 4 Andrew Tridgell, Engardelinux, Redhat and 1 more | 5 Rsync, Secure Community, Secure Linux and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. | |||||
CVE-2001-0309 | 1 Redhat | 1 Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. | |||||
CVE-2002-0903 | 1 Woltlab | 1 Burning Board | 2023-12-10 | 7.5 HIGH | N/A |
register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value. | |||||
CVE-2001-1242 | 1 Steve Grimm | 1 Un-cgi | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form. | |||||
CVE-2004-1923 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2023-12-10 | 5.0 MEDIUM | N/A |
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct request to (1) banner_click.php, (2) categorize.php, (3) tiki-admin_include_directory.php, (4) tiki-directory_search.php, which reveal the web server path in an error message. | |||||
CVE-2004-0577 | 1 Qbik | 1 Wingate | 2023-12-10 | 5.0 MEDIUM | N/A |
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory. | |||||
CVE-2004-1742 | 1 Web-app.org | 1 Webapp | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. | |||||
CVE-2004-2202 | 1 Duware | 1 Duclassified | 2023-12-10 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (1) cat_id or (2) sub_id parameters in adDetail.asp, or (2) the password parameter in the login form. |