Total
29805 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1009 | 2 Redhat, Trustix | 2 Linux, Secure Linux | 2025-04-03 | 7.2 HIGH | N/A |
| dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||||
| CVE-2004-0347 | 1 Netscreen | 1 Netscreen-sa 5000 Series | 2025-04-03 | 6.0 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter. | |||||
| CVE-2001-1298 | 1 Grant Horwood | 1 Webodex | 2025-04-03 | 5.0 MEDIUM | N/A |
| Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
| CVE-2001-1023 | 1 Xcache Technologies | 1 Xcache | 2025-04-03 | 5.0 MEDIUM | N/A |
| Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header. | |||||
| CVE-2000-0222 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 10.0 HIGH | N/A |
| The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs. | |||||
| CVE-1999-0479 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. | |||||
| CVE-2000-0233 | 1 Suse | 1 Suse Linux Imap Server | 2025-04-03 | 10.0 HIGH | N/A |
| SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. | |||||
| CVE-2000-0317 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. | |||||
| CVE-2004-1329 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. | |||||
| CVE-2002-1429 | 1 Endity.com | 1 Shoutbox | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter. | |||||
| CVE-2002-0471 | 1 Phpnettoolpack | 1 Phpnettoolpack | 2025-04-03 | 10.0 HIGH | N/A |
| PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable. | |||||
| CVE-2006-3025 | 1 Lucid Designs | 1 Lucid Calendar | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cal.PHP3 in Chris Lea Lucid Calendar 0.22 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2005-1332 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. | |||||
| CVE-2002-0691 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. | |||||
| CVE-2000-0516 | 1 Intel | 1 Shiva Access Manager | 2025-04-03 | 7.2 HIGH | N/A |
| When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server. | |||||
| CVE-2003-1258 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2025-04-03 | 7.5 HIGH | N/A |
| activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unauthorized administrative access via a URL request with the uid parameter set to the webmaster uid. | |||||
| CVE-2006-4435 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.9 MEDIUM | N/A |
| OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default. | |||||
| CVE-2006-1755 | 1 Matthew Dingley | 1 Md News | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in MD News 1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2004-0538 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. | |||||
| CVE-2002-1091 | 3 Mozilla, Netscape, Opera Software | 3 Mozilla, Navigator, Opera Web Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | |||||