Total: 27796 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0120 | 1 Allaire | 1 Spectra | 2018-05-03 | 7.5 HIGH | N/A |
| The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter. | |||||
| CVE-2002-1318 | 3 Hp, Samba, Sgi | 3 Cifs-9000 Server, Samba, Irix | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. | |||||
| CVE-2000-0077 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands. | |||||
| CVE-2000-0078 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command. | |||||
| CVE-1999-0219 | 1 Cat Soft | 1 Serv-u | 2018-05-03 | 7.8 HIGH | N/A |
| Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command. | |||||
| CVE-1999-0036 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. | |||||
| CVE-1999-1219 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command. | |||||
| CVE-1999-0039 | 1 Sgi | 1 Irix | 2018-05-03 | 7.5 HIGH | N/A |
| webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. | |||||
| CVE-2000-0887 | 1 Isc | 1 Bind | 2018-05-03 | 5.0 MEDIUM | N/A |
| named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | |||||
| CVE-2004-0418 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2018-05-03 | 10.0 HIGH | N/A |
| serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | |||||
| CVE-2000-0811 | 1 Cgi Script Center | 1 Auction Weaver | 2018-05-03 | 5.0 MEDIUM | N/A |
| Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | |||||
| CVE-2000-0810 | 1 Cgi Script Center | 1 Auction Weaver | 2018-05-03 | 7.5 HIGH | N/A |
| Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | |||||
| CVE-1999-0351 | 1 Ftp | 1 Ftp Pasv | 2018-05-03 | 6.4 MEDIUM | N/A |
| FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client. | |||||
| CVE-1999-0930 | 1 Matt Wright | 1 Wwwboard | 2018-05-03 | 5.0 MEDIUM | N/A |
| wwwboard allows a remote attacker to delete message board articles via a malformed argument. | |||||
| CVE-1999-0743 | 1 Debian | 1 Debian Linux | 2018-05-03 | 2.1 LOW | N/A |
| Trn allows local users to overwrite other users' files via symlinks. | |||||
| CVE-1999-0085 | 3 Freebsd, Ibm, Netbsd | 3 Freebsd, Aix, Netbsd | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. | |||||
| CVE-1999-1122 | 1 Sun | 1 Sunos | 2018-05-03 | 4.6 MEDIUM | N/A |
| Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. | |||||
| CVE-2000-0585 | 1 Isc | 1 Dhcp Client | 2018-05-03 | 10.0 HIGH | N/A |
| ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-1999-1027 | 1 Sun | 1 Solaris | 2018-05-03 | 7.2 HIGH | N/A |
| Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. | |||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2018-05-03 | 5.0 MEDIUM | N/A |
| Teardrop IP denial of service. | |||||
| CVE-2000-0254 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-03 | 5.0 MEDIUM | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | |||||
| CVE-2000-0584 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | |||||
| CVE-1999-0149 | 1 Sgi | 1 Irix | 2018-05-03 | 7.5 HIGH | N/A |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. | |||||
| CVE-1999-0025 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| root privileges via buffer overflow in df command on SGI IRIX systems. | |||||
| CVE-1999-0270 | 1 Sgi | 1 Irix | 2018-05-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. | |||||
| CVE-2001-0522 | 1 Gnu | 1 Privacy Guard | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | |||||
| CVE-1999-1088 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | |||||
| CVE-2004-0417 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2018-05-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | |||||
| CVE-1999-1080 | 1 Sun | 1 Sunos | 2018-05-03 | 7.2 HIGH | N/A |
| rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf. | |||||
| CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | |||||
| CVE-2004-0414 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2018-05-03 | 10.0 HIGH | N/A |
| CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | |||||
| CVE-2004-0180 | 1 Cvs | 1 Cvs | 2018-05-03 | 2.6 LOW | N/A |
| The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405. | |||||
| CVE-1999-0959 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-1999-0262 | 1 Renaud Deraison | 1 Faxsurvey | 2018-05-03 | 7.5 HIGH | N/A |
| Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | |||||
| CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | |||||
| CVE-2001-0825 | 1 Xinetd | 1 Xinetd | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check. | |||||
| CVE-2001-0550 | 2 David Madore, Washington University | 2 Ftpd-bsd, Wu-ftpd | 2018-05-03 | 7.5 HIGH | N/A |
| wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob). | |||||
| CVE-2001-0551 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window. | |||||
| CVE-2000-1031 | 1 Hp | 2 Hp-ux, Tru64 | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. | |||||
| CVE-2001-0489 | 1 Gftp | 1 Gftp | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands. | |||||
| CVE-2000-0996 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell. | |||||
| CVE-2000-1180 | 1 Oracle | 1 Oracle8i | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument. | |||||
| CVE-2001-0872 | 3 Openbsd, Redhat, Suse | 3 Openssh, Linux, Suse Linux | 2018-05-03 | 7.2 HIGH | N/A |
| OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | |||||
| CVE-2001-0833 | 1 Oracle | 1 Database Server | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." | |||||
| CVE-2001-0144 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2018-05-03 | 10.0 HIGH | N/A |
| CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. | |||||
| CVE-2001-1380 | 1 Openbsd | 1 Openssh | 2018-05-03 | 7.5 HIGH | N/A |
| OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses. | |||||
| CVE-2000-0984 | 1 Cisco | 1 Ios | 2018-05-03 | 5.0 MEDIUM | N/A |
| The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | |||||
| CVE-2000-0973 | 1 Daniel Stenberg | 1 Curl | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated. | |||||
| CVE-2001-0653 | 1 Sendmail | 1 Sendmail | 2018-05-03 | 4.6 MEDIUM | N/A |
| Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number. | |||||
| CVE-2000-0994 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable. | |||||
