Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29520 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-4528 1 Membrepass 1 Membrepass 2025-04-03 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in membrepass 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) recherche parameter in recherchemembre.php and the (2) email parameter in test.php.
CVE-2002-0584 1 Workforceroi 1 Xpede 2025-04-03 5.0 MEDIUM N/A
WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets by modifying the TSN ID parameter to the ts_app_process.asp script, which is easily guessable because it is incremented by 1 for each new timesheet.
CVE-2002-1884 1 Py-membres 1 Py-membres 2025-04-03 7.5 HIGH N/A
index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin".
CVE-2004-2133 1 Cvsup 1 Cvsup 2025-04-03 4.6 MEDIUM N/A
Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories such as /usr/src/packages.
CVE-2000-0571 1 West Street Software 1 Localweb Http Server 2025-04-03 6.4 MEDIUM N/A
LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request.
CVE-2002-0849 1 Cisco 1 Iscsi Driver 2025-04-03 4.6 MEDIUM N/A
Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password.
CVE-2000-0302 1 Microsoft 1 Index Server 2025-04-03 5.0 MEDIUM N/A
Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL.
CVE-1999-0216 3 Gnu, Hp, Linux 3 Inet, Hp-ux, Linux Kernel 2025-04-03 5.0 MEDIUM N/A
Denial of service of inetd on Linux through SYN and RST packets.
CVE-2003-0264 1 Seattle Lab Software 1 Slmail 2025-04-03 7.5 HIGH N/A
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.
CVE-2002-0355 1 Sgi 1 Irix 2025-04-03 2.1 LOW N/A
netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.
CVE-2003-1070 1 Sun 2 Solaris, Sunos 2025-04-03 5.0 MEDIUM N/A
Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).
CVE-2000-0623 1 Oreilly 1 Website Professional 2025-04-03 10.0 HIGH N/A
Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers to execute arbitrary commands via a long GET request or Referrer header.
CVE-2005-3147 2 Storebackup, Suse 2 Storebackup, Suse Linux 2025-04-03 2.1 LOW N/A
StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.
CVE-2005-0879 1 Vortex Portal 1 Vortex Portal 2025-04-03 7.5 HIGH N/A
PHP remote file include vulnerability in (1) content.php and (2) index.php for Vortex Portal allows remote attackers to execute arbitrary PHP code via a URL in the act parameter.
CVE-2002-0157 1 Eazel 1 Nautilus 2025-04-03 4.6 MEDIUM N/A
Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file.
CVE-2001-0240 1 Microsoft 1 Word 2025-04-03 4.6 MEDIUM N/A
Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro.
CVE-2002-0631 1 Sgi 1 Irix 2025-04-03 7.2 HIGH N/A
Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.
CVE-2005-2150 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 5.0 MEDIUM N/A
Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog.
CVE-2004-0487 1 Symantec 1 Norton Antivirus 2025-04-03 10.0 HIGH N/A
A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs.
CVE-2003-1294 1 Xscreensaver 1 Xscreensaver 2025-04-03 2.1 LOW N/A
Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack.