Total
29800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0613 | 1 Sun | 1 J2se | 2025-04-03 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications. | |||||
| CVE-2005-1074 | 1 Radscripts | 1 Radbids | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to execute arbitrary SQL commands via the mode parameter. | |||||
| CVE-2002-0632 | 1 Sgi | 1 Irix | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server. | |||||
| CVE-1999-0688 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x. | |||||
| CVE-2001-0086 | 1 Cgi Script Center | 1 Subscribe Me Lite | 2025-04-03 | 5.0 MEDIUM | N/A |
| CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter. | |||||
| CVE-2003-1241 | 1 Levcgi.com | 1 Myguestbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters. | |||||
| CVE-2005-1873 | 1 Crob | 1 Crob Ftp | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string. | |||||
| CVE-2004-0391 | 1 Cisco | 2 Hosting Solution Engine, Wireless Lan Solution Engine | 2025-04-03 | 10.0 HIGH | N/A |
| Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration. | |||||
| CVE-2002-0802 | 1 Postgresql | 1 Postgresql | 2025-04-03 | 7.5 HIGH | N/A |
| The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks. | |||||
| CVE-2006-4240 | 1 Fusionphp | 1 Fusion News | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. | |||||
| CVE-2006-3845 | 1 Rarlab | 1 Winrar | 2025-04-03 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive. | |||||
| CVE-2006-3989 | 1 Knusperleicht | 1 Shoutbox | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter. | |||||
| CVE-2005-0811 | 1 Notify Technology | 1 Notifylink | 2025-04-03 | 4.6 MEDIUM | N/A |
| The web interface in NotifyLink 3.0 does not properly restrict access to functions that have been disabled in the GUI, which allows remote authenticated users to bypass intended restrictions via a direct request to certain URLs. | |||||
| CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 4 Linux, Debian Linux, Linux and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. | |||||
| CVE-2005-1014 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command. | |||||
| CVE-2005-2904 | 1 Zebedee | 1 Zebedee | 2025-04-03 | 5.0 MEDIUM | N/A |
| Zebedee 2.4.1, when "allowed redirection port" is not set, allows remote attackers to cause a denial of service (application crash) via a zero in the port number of the protocol option header, which triggers an assert error in the makeConnection function in zebedee.c. | |||||
| CVE-2001-0772 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges. | |||||
| CVE-2005-3959 | 1 Freewebstat | 1 Freewebstat | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers to inject arbitrary web script or HTML via the (1) site, (2) jsref, (3) jsres, and (4) jscolor parameters to pixel.php, which are not sanitized before being included in the logdb.html file, and (5) the search key to stat.php. | |||||
| CVE-2000-0985 | 1 Nevis Systems | 1 All-mail | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command. | |||||
| CVE-2004-2056 | 1 Nucleus Group | 1 Nucleus Cms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statements via the itemid parameter. | |||||