Total
29551 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2996 | 1 Symantec Veritas | 2 Storage Exec, Storagecentral | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls. | |||||
| CVE-2005-1026 | 2 Dlman Pro, Linkz Pro | 2 Dlman Pro, Linkz Pro | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to dlman.php in DLMan Pro or (2) id parameter to links.php in Linkz Pro (aka LinksLinks Pro). | |||||
| CVE-2006-2241 | 1 Ftrainsoft | 1 Fast Click | 2025-04-03 | 6.4 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: This is a different vulnerability than CVE-2006-2175. | |||||
| CVE-2006-0616 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue." | |||||
| CVE-2006-2445 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.0 MEDIUM | N/A |
| Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting. | |||||
| CVE-2000-0583 | 1 Inter7 | 1 Vpopmail Vchkpw | 2025-04-03 | 5.0 MEDIUM | N/A |
| vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives. | |||||
| CVE-2000-0459 | 1 Imp | 1 Imp | 2025-04-03 | 5.0 MEDIUM | N/A |
| IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request. | |||||
| CVE-2001-0902 | 1 Microsoft | 1 Internet Information Services | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters. | |||||
| CVE-2003-1202 | 1 Omail | 1 Omail Webmail | 2025-04-03 | 10.0 HIGH | N/A |
| The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username. | |||||
| CVE-2002-1656 | 1 Xqus | 1 X-news | 2025-04-03 | 7.5 HIGH | N/A |
| X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie. | |||||
| CVE-2005-0804 | 1 Mailenable | 1 Mailenable Standard | 2025-04-03 | 5.0 MEDIUM | N/A |
| Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field. | |||||
| CVE-2005-4072 | 1 Cfmagic | 1 Magic Forum Personal | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Personal 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the Words parameter in search_forums.cfm, as used in the "Search For:" field. | |||||
| CVE-2005-1599 | 1 Kryloff Technologies | 1 Subject Search Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Kryloff Technologies Subject Search Server (SSServer) 1.1 allows remote attackers to inject arbitrary web script or HTML via the "Search For" field. | |||||
| CVE-2002-1108 | 1 Cisco | 1 Vpn Client | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel. | |||||
| CVE-2006-3314 | 1 Rahnemaco | 1 Rahnemaco | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in page.php in an unspecified RahnemaCo.com product, possibly eShop, allows remote attackers to execute arbitrary PHP code via a URL in the pageid parameter. | |||||
| CVE-2004-2471 | 1 Jamesoff | 1 Quoteengine | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2001-0311 | 1 Hp | 2 Hp-ux, Omniback Ii | 2025-04-03 | 4.6 MEDIUM | N/A |
| Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. | |||||
| CVE-1999-0402 | 1 Gnu | 1 Wget | 2025-04-03 | 5.0 MEDIUM | N/A |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | |||||
| CVE-2004-1616 | 1 Links | 1 Links | 2025-04-03 | 5.0 MEDIUM | N/A |
| Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangleme. | |||||
| CVE-2006-1670 | 1 Cisco | 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15454 Mstp and 2 more | 2025-04-03 | 7.8 HIGH | N/A |
| Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. | |||||