Total
29551 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0778 | 1 Microsoft | 1 Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | |||||
| CVE-2006-3184 | 1 Asp Stats Generator | 1 Asp Stats Generator | 2025-04-03 | 4.0 MEDIUM | N/A |
| Direct static code injection vulnerability in ASP Stats Generator before 2.1.2 allows remote authenticated attackers to execute arbitrary ASP code via the strAsgSknPageBgColour parameter to settings_skin.asp, which is stored in inc_skin_file.asp. | |||||
| CVE-2005-3460 | 1 Oracle | 2 10g Enterprise Manager Database Control, Enterprise Manager Application Server Control | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01. | |||||
| CVE-2002-1148 | 1 Apache | 1 Tomcat | 2025-04-03 | 5.0 MEDIUM | N/A |
| The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet. | |||||
| CVE-2006-0376 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place. | |||||
| CVE-2006-0625 | 1 Spip | 1 Spip | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resultant direct static code injection in the file parameter to spip_acces_doc.php3. | |||||
| CVE-2000-0920 | 1 Boa | 1 Boa Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "." | |||||
| CVE-2003-0418 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses. | |||||
| CVE-2006-2211 | 1 321soft | 1 Php-gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to browse arbitrary directories via the path parameter. | |||||
| CVE-2002-2153 | 1 Oracle | 1 Application Server | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the administrative pages of the PL/SQL module for Oracle Application Server 4.0.8 and 4.0.8 2 allows remote attackers to execute arbitrary code. | |||||
| CVE-2001-0986 | 1 Microsoft | 1 Index Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo. | |||||
| CVE-2005-3089 | 1 Mozilla | 1 Firefox | 2025-04-03 | 2.6 LOW | N/A |
| Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability. | |||||
| CVE-2005-0468 | 1 Ncsa | 1 Telnet | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. | |||||
| CVE-2005-0961 | 1 Horde | 1 Application Framework | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title. | |||||
| CVE-2005-0044 | 1 Microsoft | 7 Exchange Server, Windows 2000, Windows 2003 Server and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
| The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." | |||||
| CVE-2003-0978 | 1 Gnu | 1 Privacy Guard | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval. | |||||
| CVE-2005-3036 | 1 Ttxn | 1 File Transfer Anywhere | 2025-04-03 | 4.6 MEDIUM | N/A |
| File Transfer Anywhere 3.01 stores sensitive password information in plaintext in the PASS value in the "File Transfer Anywhere" registry key, which allows local users to gain privileges. | |||||
| CVE-2000-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 4.6 MEDIUM | N/A |
| The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability. | |||||
| CVE-1999-1438 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments. | |||||
| CVE-2000-1227 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. | |||||