Total
5243 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2353 | 1 Tftpd32 | 1 Tftpd32 | 2023-12-10 | 6.4 MEDIUM | N/A |
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests. | |||||
CVE-1999-0839 | 1 Microsoft | 1 Ie | 2023-12-10 | 7.2 HIGH | N/A |
Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled. | |||||
CVE-2002-2394 | 1 Trend Micro | 1 Interscan Viruswall | 2023-12-10 | 5.0 MEDIUM | N/A |
InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 chunked transfer encoding. | |||||
CVE-2003-1495 | 1 Hp | 3 Insight Management Suite, Insight Manager, Remote Diagnostics Enabling Agent | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors. | |||||
CVE-2003-1356 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.2 HIGH | N/A |
The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. | |||||
CVE-2003-1081 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 10.0 HIGH | N/A |
Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. | |||||
CVE-2002-2270 | 1 Hp | 1 Hp-ux | 2023-12-10 | 3.6 LOW | N/A |
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | |||||
CVE-1999-0899 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.2 HIGH | N/A |
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. | |||||
CVE-2003-0230 | 1 Microsoft | 2 Data Engine, Sql Server | 2023-12-10 | 7.2 HIGH | N/A |
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability. | |||||
CVE-1999-0909 | 1 Microsoft | 4 Terminal Server, Windows 95, Windows 98se and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. | |||||
CVE-2003-1474 | 1 Freebsd | 1 Slashem-tty | 2023-12-10 | 7.2 HIGH | N/A |
slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris. | |||||
CVE-2002-2261 | 1 Sendmail | 1 Sendmail | 2023-12-10 | 7.5 HIGH | N/A |
Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname. | |||||
CVE-2003-1423 | 4 Linux, Microsoft, Petitforum and 1 more | 4 Linux Kernel, All Windows, Petitforum and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. | |||||
CVE-2004-1767 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. | |||||
CVE-2001-1247 | 1 Php | 1 Php | 2023-12-10 | 6.4 MEDIUM | N/A |
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files. | |||||
CVE-2003-0497 | 1 Intersystems | 1 Cache Database | 2023-12-10 | 7.2 HIGH | N/A |
Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs. | |||||
CVE-2002-0012 | 1 Snmp | 1 Snmp | 2023-12-10 | 10.0 HIGH | N/A |
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | |||||
CVE-2002-2265 | 2 Hp, Open Source Internet Solutions | 2 Tru64, Open Source Internet Solutions | 2023-12-10 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in LDAP Module in System Authentication of Open Source Internet Solutions (OSIS) 5.4 running on Tru64 UNIX 4.0G and 4.0F allows remote attackers to gain access to arbitrary files or gain privileges via unknown attack vectors. | |||||
CVE-1999-0728 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.8 HIGH | N/A |
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. | |||||
CVE-2003-1346 | 1 D-link | 1 Dwl-900ap\+ | 2023-12-10 | 10.0 HIGH | N/A |
D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager. |