Total
250163 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1553 | 1 University Of California | 1 Seti At Home | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_passwd. NOTE: since the default configuration of setiathome is not setuid, perhaps this issue should not be included in CVE. | |||||
CVE-2004-0564 | 2 Debian, Roaring Penguin | 2 Debian Linux, Pppoe | 2023-12-10 | 2.1 LOW | N/A |
Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. | |||||
CVE-2003-1105 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 2.6 LOW | N/A |
Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered. | |||||
CVE-2002-0499 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories. | |||||
CVE-2000-1061 | 1 Microsoft | 1 Ie | 2023-12-10 | 5.1 MEDIUM | N/A |
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability. | |||||
CVE-2002-1460 | 1 Leszek Krupinski | 1 L-forum | 2023-12-10 | 5.0 MEDIUM | N/A |
L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files. | |||||
CVE-2001-1059 | 1 Vmware | 1 Workstation | 2023-12-10 | 3.6 LOW | N/A |
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information. | |||||
CVE-1999-0090 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in AIX rcp command allows local users to obtain root access. | |||||
CVE-2000-0591 | 1 Novell | 1 Bordermanager | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL filtering by encoding characters in the requested URL. | |||||
CVE-2001-0930 | 1 Sendpage | 1 Sendpage.pl | 2023-12-10 | 7.5 HIGH | N/A |
Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters. | |||||
CVE-2002-2043 | 1 Cyrus | 1 Sasl | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password. | |||||
CVE-2002-1474 | 1 Hp | 1 Tru64 | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service. | |||||
CVE-2003-1090 | 1 Celestial Software | 1 Absolutetelnet | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title. | |||||
CVE-2002-1122 | 1 Iss | 1 Internet Scanner | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response. | |||||
CVE-2001-0886 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. | |||||
CVE-1999-0963 | 1 Freebsd | 1 Freebsd | 2023-12-10 | 7.2 HIGH | N/A |
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack. | |||||
CVE-2004-0246 | 1 Laurent Adda | 1 Les Commentaires | 2023-12-10 | 10.0 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter. | |||||
CVE-2004-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors. | |||||
CVE-2002-1559 | 1 Research Systems Inc. | 1 Ion Script | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote attackers to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter. | |||||
CVE-1999-1118 | 1 Sun | 1 Solaris | 2023-12-10 | 2.1 LOW | N/A |
ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters. |