Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9229 | 3 Oniguruma Project, Php, Ruby-lang | 3 Oniguruma, Php, Ruby | 2018-05-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition. | |||||
| CVE-2018-4140 | 1 Apple | 1 Iphone Os | 2018-05-03 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Telephony" component. It allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a Class 0 SMS message. | |||||
| CVE-2017-7075 | 1 Apple | 1 Iphone Os | 2018-05-03 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Notes" component. It allows local users to obtain sensitive information by reading search results that contain locked-note content. | |||||
| CVE-2018-9238 | 1 Yahei | 1 Yahei Php Prober | 2018-05-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName parameter. | |||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2018-05-03 | 5.0 MEDIUM | N/A |
| Teardrop IP denial of service. | |||||
| CVE-1999-0025 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| root privileges via buffer overflow in df command on SGI IRIX systems. | |||||
| CVE-1999-0036 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. | |||||
| CVE-1999-0039 | 1 Sgi | 1 Irix | 2018-05-03 | 7.5 HIGH | N/A |
| webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. | |||||
| CVE-1999-0052 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. | |||||
| CVE-1999-0059 | 1 Sgi | 1 Irix | 2018-05-03 | 7.1 HIGH | N/A |
| IRIX fam service allows an attacker to obtain a list of all files on the server. | |||||
| CVE-1999-0085 | 3 Freebsd, Ibm, Netbsd | 3 Freebsd, Aix, Netbsd | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. | |||||
| CVE-1999-0108 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| The printers program in IRIX has a buffer overflow that gives root access to local users. | |||||
| CVE-1999-0112 | 2 Cde, Ibm | 2 Cde, Aix | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in AIX dtterm program for the CDE. | |||||
| CVE-1999-0146 | 1 Ncsa | 2 Campas, Servers | 2018-05-03 | 7.5 HIGH | N/A |
| The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file. | |||||
| CVE-1999-0149 | 1 Sgi | 1 Irix | 2018-05-03 | 7.5 HIGH | N/A |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. | |||||
| CVE-1999-0219 | 1 Cat Soft | 1 Serv-u | 2018-05-03 | 7.8 HIGH | N/A |
| Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command. | |||||
| CVE-1999-0262 | 1 Renaud Deraison | 1 Faxsurvey | 2018-05-03 | 7.5 HIGH | N/A |
| Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | |||||
| CVE-1999-0270 | 1 Sgi | 1 Irix | 2018-05-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. | |||||
| CVE-1999-0288 | 1 Microsoft | 1 Windows Nt | 2018-05-03 | 5.0 MEDIUM | N/A |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | |||||
| CVE-1999-0305 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections. | |||||
| CVE-1999-0351 | 1 Ftp | 1 Ftp Pasv | 2018-05-03 | 6.4 MEDIUM | N/A |
| FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client. | |||||
| CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | |||||
| CVE-1999-0710 | 1 Redhat | 1 Linux | 2018-05-03 | 7.5 HIGH | N/A |
| The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | |||||
| CVE-1999-0743 | 1 Debian | 1 Debian Linux | 2018-05-03 | 2.1 LOW | N/A |
| Trn allows local users to overwrite other users' files via symlinks. | |||||
| CVE-1999-0751 | 1 Netscape | 1 Enterprise Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. | |||||
| CVE-1999-0883 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 10.0 HIGH | N/A |
| Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. | |||||
| CVE-1999-0884 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| The Zeus web server administrative interface uses weak encryption for its passwords. | |||||
| CVE-1999-0930 | 1 Matt Wright | 1 Wwwboard | 2018-05-03 | 5.0 MEDIUM | N/A |
| wwwboard allows a remote attacker to delete message board articles via a malformed argument. | |||||
| CVE-1999-0934 | 2018-05-03 | 5.0 MEDIUM | N/A | ||
| classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. | |||||
| CVE-1999-0959 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-1999-1027 | 1 Sun | 1 Solaris | 2018-05-03 | 7.2 HIGH | N/A |
| Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. | |||||
| CVE-1999-1080 | 1 Sun | 1 Sunos | 2018-05-03 | 7.2 HIGH | N/A |
| rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf. | |||||
| CVE-1999-1088 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | |||||
| CVE-1999-1122 | 1 Sun | 1 Sunos | 2018-05-03 | 4.6 MEDIUM | N/A |
| Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. | |||||
| CVE-1999-1147 | 1 Platinum | 1 Policy Compliance Manager | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe. | |||||
| CVE-1999-1156 | 1 Bisonware | 1 Bisonware Ftp Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns. | |||||
| CVE-1999-1205 | 1 Hp | 1 Hp-ux | 2018-05-03 | 2.1 LOW | N/A |
| nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information. | |||||
| CVE-1999-1219 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command. | |||||
| CVE-1999-1265 | 1 Seatle Lab Software | 1 Slmail | 2018-05-03 | 5.0 MEDIUM | N/A |
| SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO. | |||||
| CVE-2000-0005 | 1 Hp | 3 9000, Aserver, Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0007 | 1 Trend Micro | 1 Pc-cillin | 2018-05-03 | 5.0 MEDIUM | N/A |
| Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. | |||||
| CVE-2000-0077 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands. | |||||
| CVE-2000-0078 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command. | |||||
| CVE-2000-0094 | 1 Netbsd | 1 Netbsd | 2018-05-03 | 7.2 HIGH | N/A |
| procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr. | |||||
| CVE-2000-0120 | 1 Allaire | 1 Spectra | 2018-05-03 | 7.5 HIGH | N/A |
| The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter. | |||||
| CVE-2000-0149 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL. | |||||
| CVE-2000-0165 | 1 Etl | 1 Delegate | 2018-05-03 | 7.5 HIGH | N/A |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. | |||||
| CVE-2000-0212 | 1 Pragma Systems | 1 Interaccess Telnetd Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed terminal client configuration information. | |||||
| CVE-2000-0253 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-03 | 10.0 HIGH | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0254 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-03 | 5.0 MEDIUM | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | |||||