Vulnerabilities (CVE)

Total 250651 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0806 1 Mozilla 1 Bugzilla 2023-12-10 2.1 LOW N/A
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.
CVE-2001-0110 1 Iomega 1 Jazip 2023-12-10 7.2 HIGH N/A
Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable.
CVE-2003-0895 1 Apple 1 Mac Os X 2023-12-10 4.6 MEDIUM N/A
Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).
CVE-1999-1459 1 Bmc 1 Patrol Agent 2023-12-10 7.2 HIGH N/A
BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file.
CVE-2004-0318 1 Platform 1 Lsf 2023-12-10 10.0 HIGH N/A
Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges.
CVE-2001-0272 1 1 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in in Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter.
CVE-2001-0743 1 Oreilly 1 Webboard 2023-12-10 5.0 MEDIUM N/A
Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands.
CVE-2002-2054 1 Teekai 1 Teekai Forum 2023-12-10 7.5 HIGH N/A
TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin.
CVE-2001-1484 1 Alcatel 2 Adsl Modem 1000, Speed Touch Adsl Modem 2023-12-10 7.5 HIGH N/A
Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) side, which is allowed to access TFTP without authentication.
CVE-2001-1434 1 Cisco 1 Ios 2023-12-10 5.0 MEDIUM N/A
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
CVE-1999-1210 1 Digital 1 Unix 2023-12-10 7.2 HIGH N/A
xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.
CVE-2001-0509 1 Microsoft 4 Exchange Server, Sql Server, Windows 2000 and 1 more 2023-12-10 5.0 MEDIUM N/A
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
CVE-2003-1001 1 Cisco 9 Catalyst 6500, Catalyst 6500 Ws-svc-nam-1, Catalyst 6500 Ws-svc-nam-2 and 6 more 2023-12-10 5.0 MEDIUM N/A
Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.
CVE-2004-1799 1 Openbsd 1 Openbsd 2023-12-10 7.5 HIGH N/A
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces.
CVE-1999-0969 1 Microsoft 1 Windows Nt 2023-12-10 5.0 MEDIUM N/A
The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.
CVE-2003-0099 1 Apc 1 Apcupsd 2023-12-10 7.2 HIGH N/A
Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.
CVE-1999-0959 1 Sgi 1 Irix 2023-12-10 7.2 HIGH N/A
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.
CVE-2004-1687 1 Snitz Communications 1 Snitz Forums 2000 2023-12-10 5.0 MEDIUM N/A
CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter.
CVE-2003-0769 1 Mirabilis 1 Icq 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field.
CVE-2002-1192 2 Netbsd, Rogue 2 Netbsd, Rogue 2023-12-10 4.6 MEDIUM N/A
Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operating systems, allows local users to gain "games" group privileges via malformed entries in a game save file.