Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1970 1 Snortcenter 1 Snortcenter 2025-04-03 N/A
SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers.
CVE-2000-0045 1 Oracle 1 Mysql 2025-04-03 N/A
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
CVE-2000-0047 1 Yahoo 1 Pager 2025-04-03 N/A
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
CVE-2000-0049 1 Nullsoft 1 Winamp 2025-04-03 N/A
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
CVE-2002-0735 2 C-note, Padl Software 3 Squid Auth Ldap, Nss Ldap, Pam Ldap 2025-04-03 N/A
Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.
CVE-2002-1972 1 Sebastian Dehne 1 Pp Powerswitch 2025-04-03 N/A
Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports.
CVE-1999-0354 1 Microsoft 2 Internet Explorer, Word 2025-04-03 N/A
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message.
CVE-2000-0083 1 Hp 1 Hp-ux 2025-04-03 N/A
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
CVE-2000-0084 1 Globalscape 1 Cuteftp 2025-04-03 N/A
CuteFTP uses weak encryption to store password information in its tree.dat file.
CVE-2000-0087 1 Netscape 2 Communicator, Navigator 2025-04-03 N/A
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
CVE-2002-0762 1 Suse 1 Suse Linux 2025-04-03 N/A
shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.
CVE-2003-0557 1 Lagarde 1 Storefront 2025-04-03 N/A
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.
CVE-2006-0238 1 Gamerz 1 Wp-stats 2025-04-03 N/A
SQL injection vulnerability in wp-stats.php in GaMerZ WP-Stats 2.0 allows remote attackers to execute arbitrary SQL commands via the author parameter.
CVE-1999-0368 7 Caldera, Debian, Proftpd Project and 4 more 8 Openlinux, Debian Linux, Proftpd and 5 more 2025-04-03 N/A
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
CVE-1999-0369 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
CVE-2000-0099 1 Sco 1 Unixware 2025-04-03 N/A
Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
CVE-2002-0765 1 Openbsd 2 Openbsd, Openssh 2025-04-03 N/A
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
CVE-2000-0109 1 Comstock 1 Multicsp 2025-04-03 N/A
The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords.
CVE-2000-0119 2 Mcafee, Symantec 2 Virusscan, Norton Antivirus 2025-04-03 N/A
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
CVE-2000-0125 1 Wired Community Software 1 Wwwthreads 2025-04-03 N/A
wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums.