Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29551 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0440 2 Netscape, Sun 3 Communicator, Navigator, Java 2025-04-03 7.5 HIGH N/A
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
CVE-2002-2100 1 Microsoft 1 Outlook 2025-04-03 5.0 MEDIUM N/A
Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content.
CVE-2005-1101 1 Ibm 1 Lotus Domino Server 2025-04-03 7.5 HIGH N/A
Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via large amounts of data in certain (1) time or (2) date fields.
CVE-2005-1707 1 Gentoo 1 Linux Webapp-config 2025-04-03 4.6 MEDIUM N/A
The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file.
CVE-2000-0049 1 Nullsoft 1 Winamp 2025-04-03 7.2 HIGH N/A
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
CVE-2005-3139 1 Mozilla 1 Bugzilla 2025-04-03 5.0 MEDIUM N/A
Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set.
CVE-2006-2497 1 Aspbb 1 Aspbb 2025-04-03 5.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to default.asp or (2) get parameter to profile.asp.
CVE-2002-1814 4 Gnome, Mandrakesoft, Redhat and 1 more 4 Bonobo, Mandrake Linux, Linux and 1 more 2025-04-03 4.6 MEDIUM N/A
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
CVE-2005-2787 1 Alexander Palmo 1 Simple Php Blog 2025-04-03 5.0 MEDIUM N/A
comment_delete_cgi.php in Simple PHP Blog allows remote attackers to delete arbitrary files via the comment parameter.
CVE-2005-1003 1 Profitcode 1 Payprocart 2025-04-03 7.5 HIGH N/A
Directory traversal vulnerability in index.php for ProfitCode PayProCart 3.0 allows remote attackers to include arbitrary PHP files via .. (dot dot) sequences in the modID parameter.
CVE-2005-3677 1 Realnetworks 1 Realplayer 2025-04-03 7.5 HIGH N/A
Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the vendor advisory implies that it is different.
CVE-2006-4897 1 Cmtexts 1 Cmtexts 2025-04-03 5.0 MEDIUM N/A
CMtextS 1.0 and earlier stores users_logins/admin.txt under the web document root with insufficient access control, which allows remote attackers to obtain the administrator password.
CVE-2003-1521 1 Sun 1 Java Plug-in 2025-04-03 6.4 MEDIUM N/A
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
CVE-2004-2188 1 Dmxready 1 Dmxready Site Chassis Manager 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2002-1984 1 Microsoft 1 Internet Explorer 2025-04-03 5.0 MEDIUM N/A
Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service (crash) via an OBJECT tag that contains a crafted CLASSID (CLSID) value of "CLSID:00022613-0000-0000-C000-000000000046".
CVE-2000-0162 1 Microsoft 3 Ie, Internet Explorer, Visual Studio 2025-04-03 5.1 MEDIUM N/A
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
CVE-2005-1776 1 Cnedra 1 Cnedra 2025-04-03 7.5 HIGH N/A
Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C'Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text string.
CVE-2005-4189 1 Horde 1 Kronolith H3 2025-04-03 3.5 LOW N/A
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors.
CVE-2005-1130 1 Desert Dog Software 1 Pinnacle Cart 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter.
CVE-2004-1316 1 Mozilla 1 Mozilla 2025-04-03 5.0 MEDIUM N/A
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.