Vulnerabilities (CVE)

Filtered by CWE-264
Total 5247 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-4069 1 Sunncomm 1 Mediamax Drm 2025-04-03 4.6 MEDIUM N/A
SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure Everyone/Full Control permissions to the "SunnComm Shared" directory, which allows local users to gain privileges by modifying programs installed in that directory, such as MMX.exe.
CVE-1999-0899 1 Microsoft 1 Windows Nt 2025-04-03 7.2 HIGH N/A
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.
CVE-2006-2562 1 Zyxel 1 P-335wt Router 2025-04-03 7.5 HIGH N/A
ZyXEL P-335WT router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
CVE-2002-2265 2 Hp, Open Source Internet Solutions 2 Tru64, Open Source Internet Solutions 2025-04-03 6.4 MEDIUM N/A
Unspecified vulnerability in LDAP Module in System Authentication of Open Source Internet Solutions (OSIS) 5.4 running on Tru64 UNIX 4.0G and 4.0F allows remote attackers to gain access to arbitrary files or gain privileges via unknown attack vectors.
CVE-2005-3058 1 Fortinet 2 Fortigate, Fortios 2025-04-03 7.5 HIGH N/A
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
CVE-2002-2353 1 Tftpd32 1 Tftpd32 2025-04-03 6.4 MEDIUM N/A
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests.
CVE-1999-1383 2 Gnu, Tcsh 2 Bash, Tcsh 2025-04-03 4.6 MEDIUM N/A
(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.
CVE-2006-0697 1 Zen-cart 1 Zen Cart 2025-04-03 10.0 HIGH N/A
Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests.
CVE-2005-4093 1 Checkpoint 2 Secureclient Ng, Vpn-1 Secureclient 2025-04-03 6.5 MEDIUM N/A
Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.
CVE-2004-2694 1 Microsoft 1 Outlook Express 2025-04-03 5.8 MEDIUM N/A
Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".
CVE-2001-1247 1 Php 1 Php 2025-04-03 6.4 MEDIUM N/A
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.
CVE-2006-1725 1 Mozilla 2 Firefox, Seamonkey 2025-04-03 2.6 LOW N/A
Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.
CVE-2006-1174 1 Debian 1 Shadow 2025-04-03 3.7 LOW N/A
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
CVE-2006-4640 1 Adobe 1 Flash Player 2025-04-03 6.8 MEDIUM N/A
Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors.
CVE-2002-2324 1 Microsoft 1 Windows Xp 2025-04-03 7.2 HIGH N/A
The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricted files and modify registry settings.
CVE-2000-0844 13 Caldera, Conectiva, Debian and 10 more 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more 2025-04-03 10.0 HIGH N/A
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2005-2741 2 Apple, Perry Kiehtreiber 3 Mac Os X, Mac Os X Server, Securityd 2025-04-03 7.2 HIGH N/A
Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators.
CVE-2006-0008 1 Microsoft 3 Office, Windows 2003 Server, Windows Xp 2025-04-03 7.2 HIGH N/A
The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box.
CVE-2004-2692 1 Kyberdigi Labs 1 Php-exec-dir 2025-04-03 9.3 HIGH N/A
The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd function.
CVE-2006-2918 1 Lanap Botdetect 1 Captcha Asp.net 2025-04-03 5.0 MEDIUM N/A
The Lanap BotDetect APS.NET CAPTCHA component before 1.5.4.0 stores the UUID and hash for a CAPTCHA in the ViewState of a page, which makes it easier for remote attackers to conduct automated attacks by "replaying the ViewState for a known number."