Total: 29869 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2006-0773 | 1 Hitachi | 1 Business Logic | 2025-04-03 | 4.3 MEDIUM | N/A | Cross-site scripting (XSS) vulnerability in Hitachi Business Logic - Container 02-03 through 03-00-/B on Windows, and 03-00 through 03-00-/B on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the extended receiving box function. |
| CVE-2005-0955 | 1 Interakt | 1 Mx Shop | 2025-04-03 | 7.5 HIGH | N/A | SQL injection vulnerability in InterAKT MX Shop 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id_ctg parameter. |
| CVE-2001-0688 | 1 Transsoft | 1 Broker Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A | Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command. |
| CVE-2000-0297 | 1 Allaire | 1 Forums | 2025-04-03 | 6.4 MEDIUM | N/A | Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. |
| CVE-2006-3238 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | 7.5 HIGH | N/A | Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php, and the (2) QuranID parameter to lng.php. |
| CVE-1999-1219 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A | Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command. |
| CVE-1999-0004 | 3 Hp, Sco, University Of Washington | 3 Dtmail, Unixware, Pine | 2025-04-03 | 5.0 MEDIUM | N/A | MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
| CVE-2002-1962 | 1 Finjan Software | 1 Surfingate | 2025-04-03 | 7.5 HIGH | N/A | Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname. |
| CVE-2004-0134 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A | cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process. |
| CVE-2006-4494 | 1 Microsoft | 1 Visual Studio | 2025-04-03 | 7.5 HIGH | N/A | Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll. |
| CVE-2000-1053 | 1 Macromedia | 1 Jrun | 2025-04-03 | 10.0 HIGH | N/A | Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet. |
| CVE-1999-1292 | 1 Kolban | 1 Webcam32 | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 and earlier allows remote attackers to execute arbitrary commands via a long URL. |
| CVE-2006-4796 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-03 | 4.3 MEDIUM | N/A | Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums 2000 3.4.06 allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter (strtopicsortord variable). |
| CVE-2000-0172 | 2 Matt Kimball And Roger Wolff, Turbolinux | 2 Mtr, Turbolinux | 2025-04-03 | 7.2 HIGH | N/A | The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges. |
| CVE-1999-1300 | 1 Cray | 1 Unicos | 2025-04-03 | 3.6 LOW | N/A | Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration. |
| CVE-2000-0223 | 1 Sam Hawker | 1 Wmcdplay | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. |
| CVE-2006-3485 | 1 Astrodog Press | 1 Some Chess | 2025-04-03 | 7.5 HIGH | N/A | Multiple SQL injection vulnerabilities in AstroDog Press Some Chess 1.5-RC2 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly including the gameID parameter in board.php. |
| CVE-2006-2689 | 1 Eva-web | 1 Eva-web | 2025-04-03 | 6.8 MEDIUM | N/A | Multiple cross-site scripting (XSS) vulnerabilities in EVA-Web 2.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) debut_image parameter in (a) article-album.php3, (2) date parameter in (b) rubrique.php3, and the (3) perso and (4) aide parameters to (c) an unknown script, probably index.php. |
| CVE-2005-4782 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 4.9 MEDIUM | N/A | NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option. |
| CVE-2006-1556 | 1 Al-caricatier | 1 Al-caricatier | 2025-04-03 | 6.8 MEDIUM | N/A | Multiple cross-site scripting (XSS) vulnerabilities in view_caricatier.php in AL-Caricatier 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) CatName, (2) CaricatierID, or (3) CatID parameter. |
| CVE-2005-2903 | 1 Eset Software | 1 Nod32 Antivirus | 2025-04-03 | 7.5 HIGH | N/A | Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. |
| CVE-2004-2127 | 1 Leif M. Wright | 1 Web Blog | 2025-04-03 | 5.0 MEDIUM | N/A | Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable. |
| CVE-2004-1289 | 1 Pcal | 1 Pcal | 2025-04-03 | 10.0 HIGH | N/A | Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file. |
| CVE-2006-3245 | 1 Mvnforum | 1 Mvnforum | 2025-04-03 | 2.6 LOW | N/A | Multiple cross-site scripting (XSS) vulnerabilities in activatemember in mvnForum 1.0 GA and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) member and (2) activatecode parameters. |
| CVE-2005-3830 | 1 Activecampaign | 1 Supporttrio | 2025-04-03 | 5.0 MEDIUM | N/A | index.php in ActiveCampaign SupportTrio 1.4 and earlier allows remote attackers to read or include arbitrary files via the page parameter, possibly due to a directory traversal vulnerability. |
| CVE-2005-2021 | 1 Cpanel | 1 Cpanel | 2025-04-03 | 4.3 MEDIUM | N/A | Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page. |
| CVE-2004-0158 | 1 Lgames | 1 Lbreakout2 | 2025-04-03 | 4.6 MEDIUM | N/A | Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. |
| CVE-2005-3807 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A | Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function. |
| CVE-2003-1089 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | 5.0 MEDIUM | N/A | index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. |
| CVE-1999-0247 | 1 Isc | 1 Inn | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. |
| CVE-2001-1046 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | 10.0 HIGH | N/A | Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain privileges via a long username. |
| CVE-1999-0720 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A | The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users. |
| CVE-2005-1230 | 1 Magnus Lundvall | 1 Yawcam | 2025-04-03 | 5.0 MEDIUM | N/A | Directory traversal vulnerability in Yawcam 0.2.5 allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in a GET request. |
| CVE-2005-2782 | 1 Autolinks | 1 Autolinks | 2025-04-03 | 7.5 HIGH | N/A | PHP remote file inclusion vulnerability in al_initialize.php for AutoLinks Pro 2.1 allows remote attackers to execute arbitrary PHP code via an "ftp://" URL in the alpath parameter, which bypasses the incomplete blacklist that only checks for "http" and "https" URLs. |
| CVE-2003-1178 | 1 Advanced Poll | 1 Advanced Poll | 2025-04-03 | 7.5 HIGH | N/A | Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) template_set, or (3) action parameter. |
| CVE-2001-1547 | 1 Microsoft | 1 Outlook Express | 2025-04-03 | 7.5 HIGH | N/A | Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code. |
| CVE-2003-0511 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A | The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL. |
| CVE-2005-1779 | 1 Maxwebportal | 1 Maxwebportal | 2025-04-03 | 7.5 HIGH | N/A | SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter. |
| CVE-2002-1166 | 1 John Franks | 1 Wn Server | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows remote attackers to execute arbitrary code via a long GET request. |
| CVE-2000-0248 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A | The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands. |