Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1545 | 1 Moniwiki | 1 Moniwiki | 2025-04-03 | 5.0 MEDIUM | N/A |
| UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code. | |||||
| CVE-2005-2538 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via (1) a null byte or (2) an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1 in the mod parameter. | |||||
| CVE-2001-0992 | 1 Kabotie Software Technologies | 1 Shopplus Cart | 2025-04-03 | 7.5 HIGH | N/A |
| shopplus.cgi in ShopPlus shopping cart allows remote attackers to execute arbitrary commands via shell metacharacters in the "file" parameter. | |||||
| CVE-2005-0604 | 1 Gfi | 1 Languard Network Security Scanner | 2025-04-03 | 4.6 MEDIUM | N/A |
| lnss.exe in GFI Languard Network Security Scanner 5.0 stores the username and password in memory in plaintext, which could allow local administrators to obtain domain administrator credentials. | |||||
| CVE-1999-1076 | 1 Apple | 1 Macos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. | |||||
| CVE-2006-0381 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. | |||||
| CVE-2005-0471 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names. | |||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
| CVE-2005-4328 | 1 University Of Arizona | 1 Webglimpse | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in webglimpse.cgi in Webglimpse 2.14.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | |||||
| CVE-2006-4717 | 1 Drupal | 1 Drupal Pubcookie Module | 2025-04-03 | 7.5 HIGH | N/A |
| The login redirection mechanism in the Drupal 4.7 Pubcookie module before 1.2.2.4 2006/09/06 and the Drupal 4.6 Pubcookie module before 1.6.2.1 2006/09/07 allows remote attackers to bypass authentication requirements and spoof identities of arbitrary users via unspecified vectors. | |||||
| CVE-2001-0570 | 1 Minicom | 1 Minicom | 2025-04-03 | 7.2 HIGH | N/A |
| minicom 1.83.1 and earlier allows a local attacker to gain additional privileges via numerous format string attacks. | |||||
| CVE-2001-0190 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). | |||||
| CVE-2002-0120 | 1 Palm | 1 Palm Desktop | 2025-04-03 | 2.1 LOW | N/A |
| Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information. | |||||
| CVE-2004-2665 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors. | |||||
| CVE-2002-0994 | 1 Sun | 1 Sun Pci Ii Driver | 2025-04-03 | 7.5 HIGH | N/A |
| SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications. | |||||
| CVE-1999-1404 | 1 Ibm | 1 Tivoli Opc Tracker Agent | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attackers to cause a denial of service (resource exhaustion) via malformed data to the localtracker client port (5011), which prevents the connection from being closed properly. | |||||
| CVE-2002-1385 | 1 Open Webmail | 1 Open Webmail | 2025-04-03 | 7.2 HIGH | N/A |
| openwebmail_init in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. (dot dot) sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that specifies additional code to be executed. | |||||
| CVE-2004-0350 | 1 Spidersales | 1 Spidersales | 2025-04-03 | 2.1 LOW | N/A |
| SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring. | |||||
| CVE-2001-1569 | 1 Cmg | 1 Openwave Wap Gateway | 2025-04-03 | 6.4 MEDIUM | N/A |
| Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack. | |||||
| CVE-2001-0235 | 1 Debian | 1 Debian Linux | 2025-04-03 | 2.1 LOW | N/A |
| Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running. | |||||