Total
254140 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0177 | 1 Oreilly | 1 Website | 2023-12-10 | 7.5 HIGH | N/A |
The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. | |||||
CVE-2001-1399 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | |||||
CVE-1999-1106 | 1 Kde | 1 Kde | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. | |||||
CVE-2001-0042 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences. | |||||
CVE-2004-0667 | 2 Gentoo, Rsbac | 2 Linux, Rule Set Based Access Control | 2023-12-10 | 7.2 HIGH | N/A |
Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. | |||||
CVE-2003-0103 | 1 Nokia | 1 6210 Handset | 2023-12-10 | 5.0 MEDIUM | N/A |
Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of format string specifiers. | |||||
CVE-1999-0333 | 1 Hp | 1 Hp-ux | 2023-12-10 | 7.5 HIGH | N/A |
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack. | |||||
CVE-2002-0938 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. | |||||
CVE-2004-1642 | 1 Texas Imperial Software | 1 Wftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
WFTPD Pro Server 3.21 allows remote authenticated users to cause a denial of service (crash) via a series of long MLIST commands. | |||||
CVE-2000-0205 | 1 Trend Micro | 1 Officescan | 2023-12-10 | 6.4 MEDIUM | N/A |
Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients. | |||||
CVE-2002-2391 | 2 Webchat.org, Xoops | 2 Webchat, Xoops | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter. | |||||
CVE-2004-1986 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter. | |||||
CVE-2003-0150 | 1 Oracle | 1 Mysql | 2023-12-10 | 9.0 HIGH | N/A |
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf. | |||||
CVE-2004-0204 | 4 Bea, Borland Software, Businessobjects and 1 more | 9 Weblogic Server, J Builder, Crystal Enterprise and 6 more | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx. | |||||
CVE-1999-1387 | 1 Microsoft | 1 Windows Nt | 2023-12-10 | 5.0 MEDIUM | N/A |
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25. | |||||
CVE-2000-0103 | 1 Netsmart | 1 Smartcart | 2023-12-10 | 7.5 HIGH | N/A |
The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
CVE-2003-0207 | 1 Gs-common | 1 Gs-common | 2023-12-10 | 2.1 LOW | N/A |
ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files. | |||||
CVE-2001-0887 | 1 Oliver Rauch | 1 Xsane | 2023-12-10 | 1.2 LOW | N/A |
xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files. | |||||
CVE-1999-0183 | 2 Linux, Tftp | 2 Linux Kernel, Tftp | 2023-12-10 | 6.4 MEDIUM | N/A |
Linux implementations of TFTP would allow access to files outside the restricted directory. | |||||
CVE-2000-0484 | 1 Max Feoktistov | 1 Small Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Small HTTP Server ver 3.06 contains a memory corruption bug causing a memory overflow. The overflowed buffer crashes into a Structured Exception Handler resulting in a Denial of Service. |