Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0113 | 1 Emc | 1 Networker | 2025-04-03 | N/A |
| EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. | ||||
| CVE-2000-0596 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability. | ||||
| CVE-2004-2187 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | N/A |
| Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors. | ||||
| CVE-2003-0066 | 2 Redhat, Rxvt | 3 Enterprise Linux, Linux, Rxvt | 2025-04-03 | N/A |
| The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2025-04-03 | N/A |
| Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2004-2234 | 1 Moodle | 1 Moodle | 2025-04-03 | N/A |
| Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | ||||
| CVE-2005-4669 | 1 Rt Internet Solutions | 1 Rt Internet Solutions Webadmin | 2025-04-03 | N/A |
| SQL injection vulnerability in RT Internet Solutions (RTIS) WebAdmin allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | ||||
| CVE-2002-0136 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages to cause a denial of service (hang) via extremely long values for form fields such as INPUT and TEXTAREA, which can be automatically filled via Javascript. | ||||
| CVE-2002-1708 | 1 Basilix | 1 Basilix Webmail | 2025-04-03 | N/A |
| Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields. | ||||
| CVE-2003-0074 | 1 Plptools | 1 Plptools | 2025-04-03 | N/A |
| Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog. | ||||
| CVE-2000-0599 | 1 Imesh.com | 1 Imesh | 2025-04-03 | N/A |
| Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long string to the iMesh port. | ||||
| CVE-2002-0131 | 1 Activestate | 1 Activepython | 2025-04-03 | N/A |
| ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script. | ||||
| CVE-2001-0411 | 1 Siemens | 1 Reliant Unix | 2025-04-03 | N/A |
| Reliant Unix 5.44 and earlier allows remote attackers to cause a denial of service via an ICMP port unreachable packet, which causes Reliant to drop all connections to the source address of the packet. | ||||
| CVE-2000-0606 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. | ||||
| CVE-2000-0612 | 1 Microsoft | 2 Windows 95, Windows 98 | 2025-04-03 | N/A |
| Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table. | ||||
| CVE-2002-0169 | 1 Redhat | 3 Docbook Stylesheets, Docbook Utils, Linux | 2025-04-03 | N/A |
| The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier. | ||||
| CVE-2002-1747 | 1 Maxim Krasnyansky | 1 Vtun | 2025-04-03 | N/A |
| Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB. | ||||
| CVE-2003-0100 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. | ||||
| CVE-2004-2398 | 1 Netenberg | 1 Fantastico De Luxe | 2025-04-03 | N/A |
| Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5. | ||||
| CVE-2001-0412 | 1 Cisco | 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 | 2025-04-03 | N/A |
| Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | ||||