Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0009 | 1 Microsoft | 2 Windows Me, Windows Xp | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. | |||||
| CVE-2006-3692 | 1 Silentweb | 1 Listmessenger | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lm_path variable is set to a constant value. As of 20060726, CVE concurs with the vendor based on SecurityTracker's post-disclosure analysis | |||||
| CVE-1999-0800 | 1 Allaire | 1 Forums | 2025-04-03 | 5.0 MEDIUM | N/A |
| The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm. | |||||
| CVE-2000-0374 | 1 Caldera | 1 Openlinux | 2025-04-03 | 10.0 HIGH | N/A |
| The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions. | |||||
| CVE-2006-3123 | 1 Matt Blaze | 1 Cryptographic File System | 2025-04-03 | 2.1 LOW | N/A |
| Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service (daemon crash) by appending data to a file that is larger than 2 Gb. | |||||
| CVE-2003-0834 | 1 Sco | 2 Open Unix, Unixware | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | |||||
| CVE-2004-1517 | 1 Zonelabs | 1 Imsecure | 2025-04-03 | 7.5 HIGH | N/A |
| Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions. | |||||
| CVE-2002-1916 | 1 Pirch | 2 Pirch Irc, Ruspirch | 2025-04-03 | 5.0 MEDIUM | N/A |
| Pirch and RusPirch, when auto-log is enabled, allows remote attackers to cause a denial of service (crash) via a nickname containing an MS-DOS device name such as AUX, which is inserted into a filename for saving queries. | |||||
| CVE-2003-0255 | 1 Gnu | 1 Privacy Guard | 2025-04-03 | 10.0 HIGH | N/A |
| The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path. | |||||
| CVE-2003-0647 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | |||||
| CVE-2001-1365 | 1 Osi Codes Inc. | 1 Intragnat | 2025-04-03 | 7.5 HIGH | N/A |
| Vulnerability in IntraGnat before 1.4. | |||||
| CVE-2002-1125 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 2.1 LOW | N/A |
| FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory. | |||||
| CVE-2006-4238 | 1 Wtcom | 1 Web Torrent | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in torrents.php in WebTorrent (WTcom) 0.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter in category mode. | |||||
| CVE-2006-0168 | 1 Myphpim | 1 Myphpim | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MyPhPim 01.05 allows remote attackers to inject arbitrary web script or HTML via the description field on the "Create New todo" page. | |||||
| CVE-2001-1178 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. | |||||
| CVE-2005-3167 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not properly remove certain CSS inputs (HTML inline style attributes) that are processed as active content by Internet Explorer, which allows remote attackers to conduct cross-site scripting (XSS) attacks. | |||||
| CVE-2006-0169 | 1 Myphpim | 1 Myphpim | 2025-04-03 | 7.5 HIGH | N/A |
| addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory. | |||||
| CVE-2006-1704 | 1 Hubert Plisson | 1 Sire | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php. | |||||
| CVE-2005-0773 | 1 Symantec Veritas | 1 Backup Exec | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument. | |||||
| CVE-1999-1378 | 1 Dbmlparser.exe | 1 Dbmlparser.exe | 2025-04-03 | 5.0 MEDIUM | N/A |
| dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files. | |||||