Total
29557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4146 | 1 Lyris Technologies Inc | 1 Listmanager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lyris ListManager before 8.9b allows remote attackers to obtain sensitive information via a request to the TCLHTTPd status module, which provides sensitive server configuration information. | |||||
| CVE-2006-2343 | 1 Adventnet | 1 Manageengine Opmanager | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2005-3763 | 1 Exponent | 1 Exponent | 2025-04-03 | 5.0 MEDIUM | N/A |
| Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to thumb.php, which allows remote attackers to obtain sensitive information. NOTE: this might be resultant from an absolute path traversal vulnerability. | |||||
| CVE-2006-3113 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-03 | 7.5 HIGH | N/A |
| Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption. | |||||
| CVE-1999-0487 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 2.6 LOW | N/A |
| The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. | |||||
| CVE-1999-0518 | 1 Microsoft | 1 Windows 95 | 2025-04-03 | 7.5 HIGH | N/A |
| A NETBIOS/SMB share password is guessable. | |||||
| CVE-2001-1500 | 1 Proftpd Project | 1 Proftpd | 2025-04-03 | 7.5 HIGH | N/A |
| ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged. | |||||
| CVE-2005-1610 | 1 Tru-zone | 1 Nukeet | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in security.php for Tru-Zone NukeET 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via a base64 encoded Codigo parameter. | |||||
| CVE-2006-4993 | 1 Allmyguests Project | 1 Allmyguests | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _AMGconfig[cfg_serverpath] parameter in (1) modules/AllMyGuests/signin.php (aka the Nuke module) and (2) AllMyGuests/signin.php (aka the standalone). | |||||
| CVE-2006-3762 | 1 Touch Control | 1 Activex Control | 2025-04-03 | 7.5 HIGH | N/A |
| The Touch Control ActiveX control 2.0.0.55 allows remote attackers to read and possibly execute arbitrary files via a "file///" URI in the sPath parameter to the Execute function. | |||||
| CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | 5.0 MEDIUM | N/A |
| The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request. | |||||
| CVE-2001-0579 | 1 Sco | 1 Openserver | 2025-04-03 | 7.5 HIGH | N/A |
| lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command. | |||||
| CVE-2002-1140 | 1 Microsoft | 1 Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service (service hang) via malformed packet fragments, aka "Improper parameter size check leading to denial of service." | |||||
| CVE-2002-1612 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
| CVE-2006-1641 | 1 Czaries Network | 1 Czarnews | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in CzarNews 1.14 allow remote attackers to execute arbitrary SQL commands via the (1) usern or (2) passw parameters to (a) cn_auth.php, (3) s parameter to (b) news.php, or (4) a parameter to (c) dpost.php. | |||||
| CVE-2003-0248 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A |
| The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. | |||||
| CVE-2005-4021 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| The installer for Gallery 2.0 before 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2004-2274 | 1 W3c | 1 Jigsaw | 2025-04-03 | 6.4 MEDIUM | N/A |
| Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI. | |||||
| CVE-2002-1659 | 1 Iatek | 1 Portalapp | 2025-04-03 | 10.0 HIGH | N/A |
| user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable. | |||||
| CVE-2004-0764 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2025-04-03 | 10.0 HIGH | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | |||||