ReportizFlow
Filtered by vendor
Subscriptions
Total
5481 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0344 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| NT users can gain debug-level access on a system process using the Sechole exploit. | ||||
| CVE-2002-1590 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service. | ||||
| CVE-2006-2198 | 3 Openoffice, Redhat, Sun | 3 Openoffice, Enterprise Linux, Staroffice | 2025-04-03 | N/A |
| OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. | ||||
| CVE-2006-0859 | 1 Michael Salzer | 1 Guestbox | 2025-04-03 | N/A |
| Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter. | ||||
| CVE-2002-2302 | 1 3d3.com | 1 Shopfactory | 2025-04-03 | N/A |
| 3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field. | ||||
| CVE-2002-2360 | 1 Webmin | 1 Webmin | 2025-04-03 | N/A |
| The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests. | ||||
| CVE-2005-0244 | 2 Postgresql, Redhat | 2 Postgresql, Enterprise Linux | 2025-04-03 | N/A |
| PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command. | ||||
| CVE-2006-0700 | 1 Imagevue | 1 Imagevue | 2025-04-03 | N/A |
| imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions. | ||||
| CVE-2000-0219 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt. | ||||
| CVE-1999-1383 | 2 Gnu, Tcsh | 2 Bash, Tcsh | 2025-04-03 | N/A |
| (1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable. | ||||
| CVE-2002-2361 | 1 Yahoo | 1 Messenger | 2025-04-03 | N/A |
| The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. | ||||
| CVE-2002-2363 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. | ||||
| CVE-2006-1079 | 1 Acme Labs | 1 Thttpd | 2025-04-03 | N/A |
| htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included. | ||||
| CVE-2005-2936 | 1 Realnetworks | 2 Realone Player, Realplayer | 2025-04-03 | N/A |
| Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file. | ||||
| CVE-2005-1532 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2025-04-03 | N/A |
| Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160. | ||||
| CVE-2005-2741 | 2 Apple, Perry Kiehtreiber | 3 Mac Os X, Mac Os X Server, Securityd | 2025-04-03 | N/A |
| Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators. | ||||
| CVE-2002-1877 | 1 Netgear | 1 Fm114p | 2025-04-03 | N/A |
| NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname. | ||||
| CVE-2005-4854 | 1 Ez | 1 Ez Publish | 2025-04-03 | N/A |
| eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders. | ||||
| CVE-2003-1515 | 1 Origo | 2 Asr-8100, Asr-8400 | 2025-04-03 | N/A |
| Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not require a password, which allows remote attackers to cause a denial of service by restoring the factory defaults. | ||||
| CVE-2006-2562 | 1 Zyxel | 1 P-335wt Router | 2025-04-03 | N/A |
| ZyXEL P-335WT router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. | ||||