Total
29557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0155 | 1 427bb | 1 Fourtwosevenbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI. | |||||
| CVE-2006-4901 | 1 Broadcom | 4 Etrust Audit Client, Etrust Audit Datatools, Etrust Audit Policy Manager and 1 more | 2025-04-03 | 6.4 MEDIUM | N/A |
| Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments. | |||||
| CVE-2006-1839 | 1 Php Album | 1 Php Album | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in language.php in PHP Album 0.3.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary code via an FTP URL in the data_dir parameter, which satisfies the file_exists function call. | |||||
| CVE-2000-0594 | 3 Caldera, Freebsd, Mandrakesoft | 6 Openlinux Desktop, Openlinux Ebuilder, Openlinux Edesktop and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters. | |||||
| CVE-2004-1870 | 1 Photopost | 1 Photopost Php Pro | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to gain users' passwords via the (1) photo parameter to addfav.php, (2) photo parameter to comments.php, (3) credit parameter to comments.php, (4) cat parameter to index.php, (5) ppuser parameter to showgallery.php, (6) cat parameter to showgallery.php, (7) cat parameter to uploadphoto.php, (8) albumid parameter to useralbums.php, or (9) albumid parameter to useralbums.php. | |||||
| CVE-2005-1216 | 1 Microsoft | 1 Isa Server | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server that uses the NetBIOS (all) predefined packet filter. | |||||
| CVE-2006-2820 | 1 Hotwebscripts | 1 Weblog Oggi | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HotWebScripts.com Weblog Oggi 1.0 allows remote attackers to inject arbitrary web script or HTML via a comment, possibly involving a javascript URI in the SRC attribute of an IMG element. | |||||
| CVE-2005-0194 | 1 Squid | 1 Squid | 2025-04-03 | 10.0 HIGH | N/A |
| Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings. | |||||
| CVE-2006-1381 | 1 Trend Micro | 1 Officescan | 2025-04-03 | 10.0 HIGH | N/A |
| Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe. | |||||
| CVE-1999-0064 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in AIX lquerylv program gives root access to local users. | |||||
| CVE-2000-0083 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | |||||
| CVE-2006-2303 | 1 Mirabilis | 1 Icq | 2025-04-03 | 6.4 MEDIUM | N/A |
| Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the Internet Explorer COM object. | |||||
| CVE-2002-1280 | 1 Iss | 1 Realsecure Event Collector | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory consumption and crash). | |||||
| CVE-2005-1625 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5.0.9 and 5.0.10 for Unix allows remote attackers to execute arbitrary code via a PDF document with a long /Filespec tag. | |||||
| CVE-2002-1689 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. | |||||
| CVE-2005-3947 | 1 Sergey Korostel | 1 Php Upload Center | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PHP Upload Center allows remote attackers to read arbitrary files via "../" sequences in the filename parameter. | |||||
| CVE-1999-0637 | 2025-04-03 | N/A | N/A | ||
| The systat service is running. | |||||
| CVE-2006-2893 | 1 Gantty | 1 Gantty | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php in GANTTy 1.0.3 allows remote attackers to obtain the full path of the web server via an invalid lang parameter in an authenticate action. | |||||
| CVE-2006-1692 | 1 Manic Web | 1 Mwnewsletter | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbitrary SQL commands via the (1) user_email parameter to (a) unsubscribe.php or (b) subscribe.php; or the (2) user_name parameter to subscribe.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information, although it is likely that this was discovered during post-disclosure analysis. | |||||
| CVE-2006-0674 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users to cause a denial of service (crash) via a long iftype argument. | |||||