Total
29737 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1402 | 2 Freebsd, Sun | 3 Freebsd, Solaris, Sunos | 2025-04-03 | N/A |
| The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | ||||
| CVE-1999-1405 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. | ||||
| CVE-2006-0080 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in vBulletin 3.5.2, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the title of an event, which is not properly filtered by (1) calendar.php and (2) reminder.php. | ||||
| CVE-2006-0095 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key. | ||||
| CVE-1999-1410 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file. | ||||
| CVE-2005-2233 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare. | ||||
| CVE-2004-0838 | 1 Lexar | 1 Jumpdrive Secure | 2025-04-03 | N/A |
| Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive. | ||||
| CVE-2006-2966 | 1 Particle Soft | 1 Particle Wiki | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Particle Soft Particle Wiki 1.0.2 allows remote attackers to inject arbitrary web script or HTML via a BR element with an extraneous IMG tag and a STYLE attribute that contains "/**/" comment sequences, which bypasses the XSS protection scheme. | ||||
| CVE-1999-1413 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. | ||||
| CVE-2006-2969 | 1 L0j1k | 1 Tinymuw | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the input box in quickchat.php, and possibly other manipulations. | ||||
| CVE-1999-0150 | 1 Gnu | 1 Fingerd | 2025-04-03 | N/A |
| The Perl fingerd program allows arbitrary command execution from remote users. | ||||
| CVE-2002-1215 | 1 Linux-ha | 1 Heartbeat | 2025-04-03 | N/A |
| Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources). | ||||
| CVE-2002-1214 | 1 Microsoft | 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp | 2025-04-03 | N/A |
| Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. | ||||
| CVE-1999-0169 | 1 Sun | 1 Nfs | 2025-04-03 | N/A |
| NFS allows attackers to read and write any file on the system by specifying a false UID. | ||||
| CVE-2002-1223 | 2 Kde, Redhat | 2 Kde, Linux | 2025-04-03 | N/A |
| Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file. | ||||
| CVE-2002-1231 | 1 Caldera | 2 Openunix, Unixware | 2025-04-03 | N/A |
| SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc. | ||||
| CVE-2004-0875 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware (aka webdistro) 0.9.16.002 and earlier allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to the wiki module. | ||||
| CVE-2006-0131 | 1 Boastmachine | 1 Boastmachine | 2025-04-03 | N/A |
| boastMachine 3.1 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php and (2) side_menu.php, which reveals the path in an error message. | ||||
| CVE-1999-1416 | 1 Inso | 1 Dwhttpd | 2025-04-03 | N/A |
| AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large content-length. | ||||
| CVE-2004-0886 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2025-04-03 | N/A |
| Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | ||||