Total: 29869 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2005-1214 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 2003 Server and 4 more | 2025-04-03 | 5.1 MEDIUM | N/A | Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. |
| CVE-2004-0252 | 1 Typsoft | 1 Typsoft Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A | TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name. |
| CVE-2006-3939 | 1 Scriptscenter | 1 Ezupload Pro | 2025-04-03 | 7.5 HIGH | N/A | ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform administrative activities without authentication in (1) filter.php, which permits changing the Extensions Mode file type; (2) access.php, which permits changing the Protection Method; (3) edituser.php, which permits adding upload capabilities to user accounts; (4) settings.php, which permits changing the admin information; and (5) index.php, which permits uploading of arbitrary files. |
| CVE-2002-1775 | 1 Symantec | 1 Norton Antivirus | 2025-04-03 | 7.5 HIGH | N/A | NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed |
| CVE-2002-2187 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A | Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact. |
| CVE-2002-0305 | 1 Zero One Tech | 1 P100s | 2025-04-03 | 5.0 MEDIUM | N/A | Zero One Tech (ZOT) P100s print server does not properly disable the SNMP service or change the default password, which could leave the server open to attack without the administrator's knowledge. |
| CVE-1999-1492 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A | Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges. |
| CVE-2005-4529 | 1 Chatspot | 1 Chatspot | 2025-04-03 | 7.5 HIGH | N/A | The Chatspot 2.0.0a7 module for phpBB might allow remote attackers to impersonate other users via unknown vectors. |
| CVE-2000-1170 | 1 Pelesoft | 1 Netsnap | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remote attackers to execute arbitrary commands via a long GET request. |
| CVE-2001-0186 | 1 Free Java Web Server | 1 Free Java Web Server | 2025-04-03 | 5.0 MEDIUM | N/A | Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| CVE-2006-2922 | 1 Miraks | 1 Miraksgalerie | 2025-04-03 | 5.1 MEDIUM | N/A | Multiple PHP remote file inclusion vulnerabilities in MiraksGalerie 2.62 allow remote attackers to execute arbitrary PHP code via a URL in the (1) g_pcltar_lib_dir parameter in (a) pcltar.lib.php when register_globals is enabled, and (2) listconfigfile[] parameter in (b) galsecurity.lib.php and (c) galimage.lib.php. |
| CVE-2004-1900 | 1 Pan Vision | 1 I.g.i-2 Covert Strike | 2025-04-03 | 7.5 HIGH | N/A | Format string vulnerability in the logging function in IGI 2 Covert Strike server 1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in RCON commands. |
| CVE-2003-0365 | 1 Icq Inc | 1 Icqlite | 2025-04-03 | 4.6 MEDIUM | N/A | ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs. |
| CVE-1999-0378 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 5.0 MEDIUM | N/A | InterScan VirusWall for Solaris doesn't scan files for viruses when a single HTTP request includes two GET commands. |
| CVE-2002-1010 | 1 Lotus | 1 Domino R4 | 2025-04-03 | 7.5 HIGH | N/A | Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers. |
| CVE-2005-3533 | 1 Osh | 1 Osh | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename. |
| CVE-2001-0767 | 1 Steve Poulsen | 1 Guildftpd | 2025-04-03 | 5.0 MEDIUM | N/A | Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET. |
| CVE-2005-2866 | 1 Mercora | 1 Imradio | 2025-04-03 | 4.6 MEDIUM | N/A | Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in the MercoraClient\Profiles registry key, which allows local users to gain privileges. |
| CVE-2002-1285 | 1 Suse | 1 Suse Linux | 2025-04-03 | 7.2 HIGH | N/A | runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. |
| CVE-2005-3196 | 1 Planet Technology Corp | 1 Fgsw2402rs | 2025-04-03 | 4.6 MEDIUM | N/A | Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges. |
| CVE-2000-0484 | 1 Max Feoktistov | 1 Small Http Server | 2025-04-03 | 5.0 MEDIUM | N/A | Small HTTP Server ver 3.06 contains a memory corruption bug causing a memory overflow. The overflowed buffer crashes into a Structured Exception Handler resulting in a Denial of Service. |
| CVE-2000-0286 | 1 Redhat | 1 Linux | 2025-04-03 | 2.1 LOW | N/A | X fontserver xfs allows local users to cause a denial of service via malformed input to the server. |
| CVE-2001-0671 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A | Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges. |
| CVE-2006-3410 | 1 Tor | 1 Tor | 2025-04-03 | 5.0 MEDIUM | N/A | Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit nodes," which allows remote attackers to conduct unspecified statistical attacks. |
| CVE-2001-0826 | 1 Aclogic | 1 Cesarftp | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD. |
| CVE-2002-1989 | 1 Caucho Technology | 1 Resin | 2025-04-03 | 5.0 MEDIUM | N/A | Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp. |
| CVE-2001-1179 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A | xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. |
| CVE-2004-2076 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 4.3 MEDIUM | N/A | Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter. |
| CVE-2006-4061 | 1 Thomas Pequet | 1 Phpprintanalyzer | 2025-04-03 | 7.5 HIGH | N/A | PHP remote file inclusion vulnerability in index.php in Thomas Pequet phpPrintAnalyzer 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep_par_rapport_racine parameter. NOTE: this issue has been disputed by third party researchers, stating that the rep_par_rapport_racine variable is initialized before use |
| CVE-2006-3057 | 1 Gnome | 1 Dhcdbd | 2025-04-03 | 5.0 MEDIUM | N/A | Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption. |
| CVE-2002-1412 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 7.5 HIGH | N/A | Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script. |
| CVE-2001-0402 | 3 Darren Reed, Freebsd, Openbsd | 3 Ipfilter, Freebsd, Openbsd | 2025-04-03 | 7.5 HIGH | N/A | IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. |
| CVE-2001-0092 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 2.6 LOW | N/A | A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability. |
| CVE-2000-0523 | 1 Etype | 1 Eserv | 2025-04-03 | 10.0 HIGH | N/A | Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command. |
| CVE-2004-0824 | 1 Apple | 1 Mac Os X | 2025-04-03 | 2.1 LOW | N/A | PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. |
| CVE-2005-3444 | 1 Oracle | 1 Database Server | 2025-04-03 | 10.0 HIGH | N/A | Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln# DB26. |
| CVE-2005-2564 | 1 Gravity Board X Development Team | 1 Gravity Board X | 2025-04-03 | 7.5 HIGH | N/A | Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file. |
| CVE-2002-0433 | 1 Pi3 | 1 Pi3web | 2025-04-03 | 5.0 MEDIUM | N/A | Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character. |
| CVE-2000-0541 | 1 Panda | 1 Panda Antivirus | 2025-04-03 | 7.2 HIGH | N/A | The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command. |
| CVE-2006-3274 | 1 Webmin | 1 Webmin | 2025-04-03 | 5.0 MEDIUM | N/A | Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory. |