Total
345224 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1138 | 1 Sco | 4 Open Desktop, Open Desktop Lite, Openserver and 1 more | 2026-04-16 | N/A |
| SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable. | ||||
| CVE-2002-2051 | 1 Modlogan | 1 Modlogan | 2026-04-16 | N/A |
| The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file. | ||||
| CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | ||||
| CVE-2004-0155 | 2 Kame, Redhat | 2 Racoon, Enterprise Linux | 2026-04-16 | N/A |
| The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate. | ||||
| CVE-1999-1157 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. | ||||
| CVE-2004-0157 | 1 Xonix | 1 Xonix | 2026-04-16 | N/A |
| x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program. | ||||
| CVE-2002-2066 | 1 Jetico | 1 Bcwipe | 2026-04-16 | 7.5 High |
| BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
| CVE-1999-1193 | 1 Next | 1 Next | 2026-04-16 | N/A |
| The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root. | ||||
| CVE-2004-0159 | 1 Samhain Labs | 1 Hsftp | 2026-04-16 | N/A |
| Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command. | ||||
| CVE-2002-2093 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin. | ||||
| CVE-1999-1324 | 1 Hp | 1 Openvms Vax | 2026-04-16 | 9.8 Critical |
| VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing. | ||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | ||||
| CVE-2002-2111 | 1 Gianni Tedesco | 1 Fwmon | 2026-04-16 | N/A |
| Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kernel to return a large packet. | ||||
| CVE-2000-0740 | 1 Network Associates | 1 Net Tools Pki Server | 2026-04-16 | N/A |
| Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port. | ||||
| CVE-2002-2118 | 1 Blue World Communications | 1 Lasso Web Data Engine | 2026-04-16 | N/A |
| Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote attackers to cause a denial of service via a long URL. | ||||
| CVE-2002-2127 | 1 Pedestal Software | 1 Integrity Protection Driver | 2026-04-16 | N/A |
| Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink. | ||||
| CVE-2004-0160 | 1 Synaesthesia | 1 Synaesthesia | 2026-04-16 | N/A |
| Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file. | ||||
| CVE-2002-2129 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form. | ||||
| CVE-2000-0839 | 1 Ipswitch | 1 Wincom Lpd | 2026-04-16 | N/A |
| WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515). | ||||
| CVE-2000-0679 | 1 Cvs | 1 Cvs | 2026-04-16 | N/A |
| The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files. | ||||