Total
248902 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0700 | 1 Redhat | 1 Kernel | 2023-12-10 | 7.5 HIGH | N/A |
The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699. | |||||
CVE-2002-2125 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 6.4 MEDIUM | N/A |
Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack. | |||||
CVE-2002-0037 | 1 Ibm | 1 Lotus Domino Server | 2023-12-10 | 7.5 HIGH | N/A |
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. | |||||
CVE-1999-0775 | 1 Cisco | 1 Ios | 2023-12-10 | 10.0 HIGH | N/A |
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. | |||||
CVE-1999-0295 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. | |||||
CVE-2004-0524 | 1 Thiago Melo De Paula | 1 Change Passwd | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name. | |||||
CVE-2000-0872 | 1 Nathan Purciful | 1 Phpphotoalbum | 2023-12-10 | 5.0 MEDIUM | N/A |
explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2004-1366 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges. | |||||
CVE-2000-0357 | 1 Redhat | 1 Linux | 2023-12-10 | 7.5 HIGH | N/A |
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys. | |||||
CVE-2004-0561 | 1 University Of Minnesota | 1 Gopherd | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2002-0540 | 1 Nortel | 1 Cvx 1800 Multi-service Access Switch | 2023-12-10 | 7.5 HIGH | N/A |
Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration. | |||||
CVE-2002-0266 | 1 Thunderstone Software | 1 Texis | 2023-12-10 | 5.0 MEDIUM | N/A |
Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname. | |||||
CVE-2002-1365 | 1 Fetchmail | 1 Fetchmail | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | |||||
CVE-2004-0265 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attackers to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules. | |||||
CVE-2002-1962 | 1 Finjan Software | 1 Surfingate | 2023-12-10 | 7.5 HIGH | N/A |
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname. | |||||
CVE-1999-1195 | 1 Network Associates | 1 Virusscan | 2023-12-10 | 5.1 MEDIUM | N/A |
NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. | |||||
CVE-2003-1351 | 1 Greg Billock | 1 Edittag | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter. | |||||
CVE-2004-1978 | 1 Moodle | 1 Moodle | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter. | |||||
CVE-2002-1648 | 1 Squirrelmail | 1 Squirrelmail | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters. | |||||
CVE-2004-0513 | 1 Apple | 1 Mac Os X | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls." |