Total
29520 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-4528 | 1 Membrepass | 1 Membrepass | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in membrepass 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) recherche parameter in recherchemembre.php and the (2) email parameter in test.php. | |||||
CVE-2002-0584 | 1 Workforceroi | 1 Xpede | 2025-04-03 | 5.0 MEDIUM | N/A |
WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets by modifying the TSN ID parameter to the ts_app_process.asp script, which is easily guessable because it is incremented by 1 for each new timesheet. | |||||
CVE-2002-1884 | 1 Py-membres | 1 Py-membres | 2025-04-03 | 7.5 HIGH | N/A |
index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | |||||
CVE-2004-2133 | 1 Cvsup | 1 Cvsup | 2025-04-03 | 4.6 MEDIUM | N/A |
Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories such as /usr/src/packages. | |||||
CVE-2000-0571 | 1 West Street Software | 1 Localweb Http Server | 2025-04-03 | 6.4 MEDIUM | N/A |
LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request. | |||||
CVE-2002-0849 | 1 Cisco | 1 Iscsi Driver | 2025-04-03 | 4.6 MEDIUM | N/A |
Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password. | |||||
CVE-2000-0302 | 1 Microsoft | 1 Index Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL. | |||||
CVE-1999-0216 | 3 Gnu, Hp, Linux | 3 Inet, Hp-ux, Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
Denial of service of inetd on Linux through SYN and RST packets. | |||||
CVE-2003-0264 | 1 Seattle Lab Software | 1 Slmail | 2025-04-03 | 7.5 HIGH | N/A |
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server. | |||||
CVE-2002-0355 | 1 Sgi | 1 Irix | 2025-04-03 | 2.1 LOW | N/A |
netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions. | |||||
CVE-2003-1070 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash). | |||||
CVE-2000-0623 | 1 Oreilly | 1 Website Professional | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers to execute arbitrary commands via a long GET request or Referrer header. | |||||
CVE-2005-3147 | 2 Storebackup, Suse | 2 Storebackup, Suse Linux | 2025-04-03 | 2.1 LOW | N/A |
StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information. | |||||
CVE-2005-0879 | 1 Vortex Portal | 1 Vortex Portal | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file include vulnerability in (1) content.php and (2) index.php for Vortex Portal allows remote attackers to execute arbitrary PHP code via a URL in the act parameter. | |||||
CVE-2002-0157 | 1 Eazel | 1 Nautilus | 2025-04-03 | 4.6 MEDIUM | N/A |
Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file. | |||||
CVE-2001-0240 | 1 Microsoft | 1 Word | 2025-04-03 | 4.6 MEDIUM | N/A |
Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro. | |||||
CVE-2002-0631 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges. | |||||
CVE-2005-2150 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
Windows NT 4.0 and Windows 2000 before URP1 for Windows 2000 SP4 does not properly prevent NULL sessions from accessing certain alternate named pipes, which allows remote attackers to (1) list Windows services via svcctl or (2) read eventlogs via eventlog. | |||||
CVE-2004-0487 | 1 Symantec | 1 Norton Antivirus | 2025-04-03 | 10.0 HIGH | N/A |
A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs. | |||||
CVE-2003-1294 | 1 Xscreensaver | 1 Xscreensaver | 2025-04-03 | 2.1 LOW | N/A |
Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack. |