Total
28647 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0042 | 5 Bsdi, Caldera, Ibm and 2 more | 6 Bsd Os, Openlinux, Aix and 3 more | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in University of Washington's implementation of IMAP and POP servers. | |||||
CVE-2004-2105 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. | |||||
CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2023-12-10 | 5.0 MEDIUM | N/A |
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | |||||
CVE-2002-1995 | 1 Lebios | 1 Phptonuke.php | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. | |||||
CVE-2002-0442 | 1 Caldera | 1 Openserver | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges. | |||||
CVE-2003-0583 | 1 Tolis Group | 1 Bru | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via a long command line argument. | |||||
CVE-2003-0703 | 1 Kismac | 1 Kismac | 2023-12-10 | 7.2 HIGH | N/A |
KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVER_KEXT environment variable as used in (1) viha_driver.sh, (2) macjack_load.sh, or (3) airojack_load.sh, or (4) via "similar techniques" using exchangeKernel.sh. | |||||
CVE-1999-1126 | 1 Cisco | 1 Resource Manager | 2023-12-10 | 2.1 LOW | N/A |
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". | |||||
CVE-1999-0339 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. | |||||
CVE-2003-0436 | 1 Mnogosearch | 1 Mnogosearch | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter. | |||||
CVE-2003-0552 | 1 Redhat | 1 Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target. | |||||
CVE-2000-0520 | 1 Stelian | 1 Pop Dump | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in restore program 0.4b17 and earlier in dump package allows local users to execute arbitrary commands via a long tape name. | |||||
CVE-2002-1448 | 1 Avaya | 3 Cajun M770-atm, Cajun P130, Cajun P330 | 2023-12-10 | 7.5 HIGH | N/A |
An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges. | |||||
CVE-2004-0062 | 1 Fishnet | 1 Fishcart | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity. | |||||
CVE-2004-0071 | 2023-12-10 | 5.0 MEDIUM | N/A | ||
Directory traversal vulnerability in buildManPage in class.manpagelookup.php for PHP Man Page Lookup 1.2.0 allows remote attackers to read arbitrary files via the command parameter ($cmd variable) to index.php. | |||||
CVE-2004-1493 | 1 Quicksilver | 1 Master Of Orion Iii | 2023-12-10 | 5.0 MEDIUM | N/A |
Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server crash) via multiple connections with long nicknames, possibly triggering a buffer overflow. | |||||
CVE-2003-0267 | 1 Bvrp Software | 1 Slwebmail | 2023-12-10 | 5.0 MEDIUM | N/A |
ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file. | |||||
CVE-2002-1789 | 1 Newsx | 1 Newsx | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function. | |||||
CVE-2003-0336 | 1 Qualcomm | 1 Eudora | 2023-12-10 | 5.0 MEDIUM | N/A |
Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora. | |||||
CVE-2004-2246 | 1 Goollery | 1 Goollery | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php. |