Total
247171 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1659 | 1 Iatek | 1 Portalapp | 2023-12-10 | 10.0 HIGH | N/A |
user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable. | |||||
CVE-2001-1146 | 1 Lee Herron | 1 Allcommerce | 2023-12-10 | 1.2 LOW | N/A |
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. | |||||
CVE-2000-0397 | 1 Seattle Lab Software | 1 Emurl | 2023-12-10 | 5.0 MEDIUM | N/A |
The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. | |||||
CVE-2002-1048 | 1 Hp | 1 Jetdirect | 2023-12-10 | 7.5 HIGH | N/A |
HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0. | |||||
CVE-2000-0873 | 1 Ibm | 1 Aix | 2023-12-10 | 2.1 LOW | N/A |
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | |||||
CVE-2004-2129 | 1 Loom Software | 2 Surfnow Professional, Surfnow Standard | 2023-12-10 | 5.0 MEDIUM | N/A |
SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. | |||||
CVE-2000-0268 | 1 Cisco | 12 3660 Router, 7100 Router, 7200 Router and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. | |||||
CVE-2000-0392 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. | |||||
CVE-2002-1120 | 1 Savant | 1 Savant Web Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
CVE-2000-0490 | 1 Netwin | 1 Dmail | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request. | |||||
CVE-2002-1393 | 1 Kde | 1 Kde | 2023-12-10 | 7.5 HIGH | N/A |
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | |||||
CVE-2002-1378 | 1 Openldap | 1 Openldap | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | |||||
CVE-2004-0150 | 1 Python | 1 Python | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS. | |||||
CVE-2000-0506 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 10.0 HIGH | N/A |
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability." | |||||
CVE-2003-1450 | 1 Bitchx | 1 Bitchx | 2023-12-10 | 5.0 MEDIUM | N/A |
BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message. | |||||
CVE-2002-2007 | 1 Apache | 1 Tomcat | 2023-12-10 | 5.0 MEDIUM | N/A |
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages. | |||||
CVE-2004-0067 | 1 Phpgedview | 1 Phpgedview | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. NOTE: some aspects of vector 10 were later reported to affect 4.1. | |||||
CVE-2001-0182 | 1 Checkpoint | 1 Firewall-1 | 2023-12-10 | 5.0 MEDIUM | N/A |
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. | |||||
CVE-2000-0047 | 1 Yahoo | 1 Pager | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message. | |||||
CVE-2004-1710 | 1 Andrew Kilpatrick | 1 Page Cgi | 2023-12-10 | 7.5 HIGH | N/A |
page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter. |