Total
29551 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0509 | 1 Cyberstrong | 1 Eshop | 2025-04-03 | 10.0 HIGH | N/A |
| SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp. | |||||
| CVE-2004-0354 | 1 Gnu | 1 Anubis | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c. | |||||
| CVE-2005-2021 | 1 Cpanel | 1 Cpanel | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page. | |||||
| CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2025-04-03 | 2.1 LOW | N/A |
| Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | |||||
| CVE-2001-0394 | 1 Oreilly | 1 Website Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
| Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory. | |||||
| CVE-2004-1198 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | |||||
| CVE-2002-1564 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. | |||||
| CVE-2004-2140 | 1 Yabb | 1 Yabb | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable. | |||||
| CVE-2003-0962 | 4 Andrew Tridgell, Engardelinux, Redhat and 1 more | 5 Rsync, Secure Community, Secure Linux and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. | |||||
| CVE-2005-2145 | 1 Prevx | 1 Prevx Pro 2005 | 2025-04-03 | 4.6 MEDIUM | N/A |
| The kernel driver in Prevx Pro 2005 1.0 does not verify the source of certain messages, which allows local users to bypass protection by sending certain messages to the driver, as demonstrated by sending an "allow" message to bypass a warning message. | |||||
| CVE-1999-0914 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the FTP client in the Debian GNU/Linux netstd package. | |||||
| CVE-2002-0949 | 1 Telindus | 1 Adsl Router | 2025-04-03 | 7.5 HIGH | N/A |
| Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext. | |||||
| CVE-2001-1161 | 1 Lotus | 1 Domino R5 Server | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script. | |||||
| CVE-2003-0071 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 2.1 LOW | N/A |
| The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | |||||
| CVE-2006-3168 | 1 Comscripts | 1 Cs-forum | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php. | |||||
| CVE-2002-1396 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2002-0569 | 1 Oracle | 1 Application Server | 2025-04-03 | 7.5 HIGH | N/A |
| Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet). | |||||
| CVE-2001-0933 | 1 Cooolsoft | 1 Powerftp | 2025-04-03 | 7.5 HIGH | N/A |
| Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:". | |||||
| CVE-2005-4641 | 1 Eazycms | 1 Eazycms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in home.php in eazyCMS 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | |||||
| CVE-2006-4987 | 1 Patrick Michaelis | 1 Wili-cms | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote attackers to execute arbitrary PHP code via a URL in the globals[content_dir] parameter in (1) example-view/templates/article.php, (2) example-view/templates/root.php, and (3) example-view/templates/dates_list.php. | |||||