Total
5245 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0728 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 7.8 HIGH | N/A |
| A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. | |||||
| CVE-2003-1346 | 1 D-link | 1 Dwl-900ap\+ | 2023-12-10 | 10.0 HIGH | N/A |
| D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager. | |||||
| CVE-2000-0219 | 1 Redhat | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
| Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt. | |||||
| CVE-2002-2361 | 1 Yahoo | 1 Messenger | 2023-12-10 | 5.8 MEDIUM | N/A |
| The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. | |||||
| CVE-2001-0771 | 1 Spytech-web | 1 Spyanywhere | 2023-12-10 | 7.5 HIGH | N/A |
| Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator access via a single character in the "loginpass" field. | |||||
| CVE-2001-1371 | 1 Oracle | 1 Application Server | 2023-12-10 | 7.5 HIGH | N/A |
| The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager. | |||||
| CVE-2003-1358 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.2 HIGH | N/A |
| rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. | |||||
| CVE-2002-2334 | 1 Joseph Allen | 1 Joe | 2023-12-10 | 3.6 LOW | N/A |
| Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users. | |||||
| CVE-2002-2360 | 1 Webmin | 1 Webmin | 2023-12-10 | 9.3 HIGH | N/A |
| The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests. | |||||
| CVE-2003-1386 | 1 Axis | 2 2400 Video Server, 2401 Video Server | 2023-12-10 | 6.4 MEDIUM | N/A |
| AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file. | |||||
| CVE-2002-2242 | 1 Kismac | 1 Kismac | 2023-12-10 | 6.4 MEDIUM | N/A |
| The Apple Package Manager in KisMAC 0.02a and earlier modifies file permissions of sensitive files after installation, which could allow attackers to conduct unauthorized activities on those files. | |||||
| CVE-2002-2344 | 1 Ensim | 1 Webppliance | 2023-12-10 | 5.0 MEDIUM | N/A |
| Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address. | |||||
| CVE-2002-1978 | 1 Darren Reed | 1 Ipfilter | 2023-12-10 | 7.5 HIGH | N/A |
| IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | |||||
| CVE-2002-2327 | 1 Sun | 2 Sun Fire, Sunos | 2023-12-10 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. | |||||
| CVE-2003-1541 | 1 Planetmoon | 1 Guestbook | 2023-12-10 | 5.0 MEDIUM | N/A |
| PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt. | |||||
| CVE-2001-1009 | 1 Fetchmail | 1 Fetchmail | 2023-12-10 | 10.0 HIGH | N/A |
| Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | |||||
| CVE-2003-0857 | 1 Redhat | 1 Enterprise Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
| The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||||
| CVE-2002-2356 | 1 Hamweather | 1 Hamweather | 2023-12-10 | 6.4 MEDIUM | N/A |
| HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi. | |||||
| CVE-2002-2320 | 1 Mysimplenews | 1 Mysimplenews | 2023-12-10 | 7.8 HIGH | N/A |
| MySimpleNews 1.0 allows remote attackers to delete arbitrary email messages via a direct request to vider.php3. | |||||
| CVE-2004-0041 | 1 Mod Auth Shadow | 1 Mod Auth Shadow | 2023-12-10 | 7.5 HIGH | N/A |
| The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions. | |||||