Vulnerabilities (CVE)

Total 245391 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-1885 1 Powerphlogger 1 Powerphlogger 2023-12-10 7.5 HIGH N/A
PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter.
CVE-1999-1385 1 Freebsd 1 Freebsd 2023-12-10 7.2 HIGH N/A
Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable.
CVE-2000-0730 1 Hp 1 Hp-ux 2023-12-10 4.6 MEDIUM N/A
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
CVE-2000-0503 1 Microsoft 1 Internet Explorer 2023-12-10 2.6 LOW N/A
The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event.
CVE-2003-0270 1 Apple 1 802.11n 2023-12-10 7.6 HIGH N/A
The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections.
CVE-2001-0706 1 Maxum Development Corporation 1 Rumpus Ftp Server 2023-12-10 2.1 LOW N/A
Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
CVE-2002-0081 1 Php 1 Php 2023-12-10 7.5 HIGH N/A
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
CVE-2001-0052 1 Ibm 1 Db2 Universal Database 2023-12-10 2.1 LOW N/A
IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query.
CVE-1999-1021 1 Sun 1 Sunos 2023-12-10 7.2 HIGH N/A
NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.
CVE-2004-2104 1 Novell 1 Netware 2023-12-10 5.0 MEDIUM N/A
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.
CVE-2000-0844 13 Caldera, Conectiva, Debian and 10 more 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more 2023-12-10 10.0 HIGH N/A
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2001-0592 1 Watchguard 1 Firebox Ii 2023-12-10 5.0 MEDIUM N/A
Watchguard Firebox II prior to 4.6 allows a remote attacker to create a denial of service in the kernel via a large stream (>10,000) of malformed ICMP or TCP packets.
CVE-2004-0088 1 Apple 1 Mac Os X 2023-12-10 2.1 LOW N/A
The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087.
CVE-2000-0921 1 Hassan Consulting 1 Shopping Cart 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
CVE-2001-1151 1 Trend Micro 2 Officescan, Virus Buster 2023-12-10 5.0 MEDIUM N/A
Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.
CVE-2003-0160 1 Squirrelmail 1 Squirrelmail 2023-12-10 5.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.
CVE-2004-0034 1 Phorum 1 Phorum 2023-12-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable in login.php.
CVE-1999-1286 1 Sgi 1 Irix 2023-12-10 7.2 HIGH N/A
addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.
CVE-2001-1240 1 Engardelinux 1 Secure Linux 2023-12-10 10.0 HIGH N/A
The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access.
CVE-1999-0568 1 Sun 1 Solaris 2023-12-10 10.0 HIGH N/A
rpc.admind in Solaris is not running in a secure mode.