Total
250131 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1168 | 1 Iss | 1 Internet Security Scanner | 2023-12-10 | 7.2 HIGH | N/A |
install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2004-1465 | 1 Winzip | 1 Winzip | 2023-12-10 | 3.7 LOW | N/A |
Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line. | |||||
CVE-2001-0721 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. | |||||
CVE-2002-0306 | 1 Avengers News System | 1 Avengers News System | 2023-12-10 | 7.5 HIGH | N/A |
ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the p (plugin) parameter. | |||||
CVE-2002-0011 | 1 Mozilla | 1 Bugzilla | 2023-12-10 | 5.0 MEDIUM | N/A |
Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login. | |||||
CVE-1999-0708 | 1 Infodrom | 1 Cfingerd | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | |||||
CVE-2002-1135 | 1 Phpwebsite | 1 Phpwebsite | 2023-12-10 | 7.5 HIGH | N/A |
modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, allows remote attackers to execute arbitrary PHP source code via an inc_prefix parameter that points to the malicious code. | |||||
CVE-2004-1657 | 1 Newtelligence | 1 Dasblog | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers. | |||||
CVE-1999-1437 | 1 Ralf S. Engelschall | 1 Eperl | 2023-12-10 | 7.5 HIGH | N/A |
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml. | |||||
CVE-2001-1213 | 1 Datawizard | 1 Ftpxq | 2023-12-10 | 6.4 MEDIUM | N/A |
The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder. | |||||
CVE-1999-1017 | 1 Seattle Lab Software | 1 Emurl | 2023-12-10 | 7.5 HIGH | N/A |
Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message. | |||||
CVE-2001-0925 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex. | |||||
CVE-2004-1391 | 1 Qnx | 2 Rtos, Rtp | 2023-12-10 | 4.6 MEDIUM | N/A |
Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program. | |||||
CVE-2004-0544 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands. | |||||
CVE-2004-1234 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL. | |||||
CVE-1999-0279 | 1 Excite | 1 Ews | 2023-12-10 | 7.5 HIGH | N/A |
Excite for Web Servers (EWS) allows remote command execution via shell metacharacters. | |||||
CVE-2002-1615 | 1 Hp | 2 Hp-ux, Tru64 | 2023-12-10 | 7.2 HIGH | N/A |
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader. | |||||
CVE-2003-1023 | 1 Midnight Commander | 1 Midnight Commander | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion. | |||||
CVE-2001-0117 | 4 Immunix, Mandrakesoft, Redhat and 1 more | 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2023-12-10 | 1.2 LOW | N/A |
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. | |||||
CVE-2003-0717 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Me and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. |