Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0853 | 1 Entrust | 1 Getaccess | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat. | |||||
| CVE-2001-0555 | 1 Screaming Media | 1 Siteware | 2017-07-10 | 10.0 HIGH | N/A |
| ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. | |||||
| CVE-2001-1461 | 1 Rsa | 1 Securid | 2017-07-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1) /.. or (2) \.. sequences. | |||||
| CVE-1999-0593 | 1 Microsoft | 1 Windows Nt | 2017-07-10 | 4.9 MEDIUM | N/A |
| The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | |||||
| CVE-1999-1089 | 1 Hp | 1 Hp-ux | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. | |||||
| CVE-2001-1379 | 1 Guiseppe Tanzilli And Matthias Eckermann | 1 Mod Auth Pgsql | 2017-07-10 | 7.5 HIGH | N/A |
| The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name. | |||||
| CVE-2001-1446 | 1 Apple | 1 Mac Os X | 2017-07-10 | 7.5 HIGH | N/A |
| Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex in every directory, which allows remote attackers to learn the contents of files in web accessible directories. | |||||
| CVE-2001-1449 | 2 Apache, Mandrakesoft | 4 Http Server, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2017-07-10 | 7.5 HIGH | N/A |
| The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. | |||||
| CVE-2002-0535 | 2 Postboard, Postnuke Software Foundation | 2 Postboard, Postnuke | 2017-07-10 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title. | |||||
| CVE-1999-0650 | 2017-07-10 | 5.0 MEDIUM | N/A | ||
| The netstat service is running, which provides sensitive information to remote attackers. | |||||
| CVE-2002-1927 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2017-07-10 | 2.1 LOW | N/A |
| Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the userlist.cgi file. | |||||
| CVE-2001-1448 | 1 Magic | 1 Edeveloper | 2017-07-10 | 4.6 MEDIUM | N/A |
| Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts. | |||||
| CVE-2001-1447 | 1 Apple | 1 Mac Os X | 2017-07-10 | 7.2 HIGH | N/A |
| NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges. | |||||
| CVE-2002-0526 | 1 Inn | 1 Inn | 2017-07-10 | 7.2 HIGH | N/A |
| Vulnerability in (1) inews or (2) rnews for INN 2.2.3 and earlier, related to insecure open() calls. | |||||
| CVE-2001-1460 | 1 Postnuke Software Foundation | 1 Postnuke | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter. | |||||
| CVE-2001-1455 | 1 Netegrity | 1 Siteminder | 2017-07-10 | 7.5 HIGH | N/A |
| Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters. | |||||
| CVE-2001-0224 | 1 Brightstation | 1 Muscat Empower | 2017-07-10 | 5.0 MEDIUM | N/A |
| Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter. | |||||
| CVE-2002-0592 | 1 Aol | 1 Instant Messenger | 2017-07-10 | 7.5 HIGH | N/A |
| AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user. | |||||
| CVE-2002-0602 | 1 Snapgear | 1 Snapgear Lite\+ Firewall | 2017-07-10 | 5.0 MEDIUM | N/A |
| Snapgear Lite+ firewall 1.5.4 and 1.5.3 allows remote attackers to cause a denial of service (crash) via a large number of connections to (1) the HTTP web management port, or (2) the PPTP port. | |||||
| CVE-2001-1459 | 1 Openbsd | 1 Openssh | 2017-07-10 | 7.5 HIGH | N/A |
| OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. | |||||