Total
248586 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0488 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability. | |||||
CVE-2004-1453 | 1 Gnu | 1 Glibc | 2023-12-10 | 2.1 LOW | N/A |
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | |||||
CVE-1999-1279 | 1 Microsoft | 1 Sna Server | 2023-12-10 | 5.0 MEDIUM | N/A |
An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU. | |||||
CVE-2003-0329 | 1 Aclogic | 1 Cesarftp | 2023-12-10 | 4.6 MEDIUM | N/A |
CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges. | |||||
CVE-1999-0237 | 1 Webcom | 1 Cgi Guestbook | 2023-12-10 | 7.5 HIGH | N/A |
Remote execution of arbitrary commands through Guestbook CGI program. | |||||
CVE-2002-0432 | 1 Citadel | 1 Ux | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks such as a long HELO command to the SMTP server. | |||||
CVE-2000-0755 | 1 Hp | 1 Openview Network Node Manager | 2023-12-10 | 4.6 MEDIUM | N/A |
Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges. | |||||
CVE-2001-1130 | 1 Suse | 1 Suse Linux | 2023-12-10 | 7.5 HIGH | N/A |
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file. | |||||
CVE-2003-0080 | 1 Gnome | 1 Gnome-lokkit | 2023-12-10 | 7.5 HIGH | N/A |
The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled. | |||||
CVE-2000-0385 | 1 Filemaker | 1 Filemaker | 2023-12-10 | 5.0 MEDIUM | N/A |
FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities. | |||||
CVE-2004-1908 | 1 Mcafee | 1 Freescan | 2023-12-10 | 5.0 MEDIUM | N/A |
McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensitive information via the GetSpecialFolderLocation function with certain parameters. | |||||
CVE-2001-0916 | 1 Berkeley | 1 Pmake | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition. | |||||
CVE-2001-1215 | 1 Michael Baumer | 1 Pfinger | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file. | |||||
CVE-2002-1427 | 1 Easy Scripts Archive | 2 Advanced Easy Homepage Creator, Easy Homepage Creator | 2023-12-10 | 7.5 HIGH | N/A |
The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users. | |||||
CVE-2004-1661 | 1 Sitecubed | 1 Mailworks Professional | 2023-12-10 | 7.5 HIGH | N/A |
MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "auth=1" and "uId=1." | |||||
CVE-2002-2401 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2023-12-10 | 3.6 LOW | N/A |
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. | |||||
CVE-2002-0231 | 1 Khaled Mardam-bey | 1 Mirc | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname. | |||||
CVE-2004-0418 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2023-12-10 | 10.0 HIGH | N/A |
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | |||||
CVE-2001-0002 | 1 Microsoft | 2 Internet Explorer, Windows Script Host | 2023-12-10 | 7.5 HIGH | N/A |
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | |||||
CVE-2003-1439 | 1 Silc | 1 Secure Internet Live Conferencing | 2023-12-10 | 4.3 MEDIUM | N/A |
Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information. |