Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2062 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL. | |||||
| CVE-2006-2196 | 1 Jochen Friedrich | 1 Pinball | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges. | |||||
| CVE-2000-0782 | 1 Netwin | 1 Netauth | 2025-04-03 | 5.0 MEDIUM | N/A |
| netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2003-1274 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux. | |||||
| CVE-2003-0472 | 1 Sgi | 1 Irix | 2025-04-03 | 5.0 MEDIUM | N/A |
| The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning. | |||||
| CVE-2005-3826 | 1 Ezy Helpdesk | 1 Ezyhelpdesk | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) edit_id, (2) faq_id, and (3) c_id parameters in a query string, and (4) the search engine, possibly involving the search_string parameter. | |||||
| CVE-2001-1309 | 1 Ibm | 1 Secureway Directory | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2004-1537 | 1 Phpkit | 1 Phpkit | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter. | |||||
| CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | |||||
| CVE-2004-0078 | 1 Mutt | 1 Mutt | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages. | |||||
| CVE-2004-1280 | 1 Junkie | 1 Junkie Ftp Client | 2025-04-03 | 10.0 HIGH | N/A |
| The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 allows remote malicious FTP servers to execute arbitrary commands via shell metacharacters in a filename. | |||||
| CVE-2001-1188 | 1 Brian Dorricott | 1 Mailto | 2025-04-03 | 7.5 HIGH | N/A |
| mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields. | |||||
| CVE-2005-2549 | 1 Gnome | 1 Evolution | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers. | |||||
| CVE-2005-3476 | 1 Hp | 1 Openvms | 2025-04-03 | 2.1 LOW | N/A |
| Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and OpenVMS Alpha 7.3-2 and 8.2, allows local users to cause a denial of service. | |||||
| CVE-2005-0548 | 1 Sun | 1 Solaris Answerbook2 | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function. | |||||
| CVE-2000-1008 | 1 Palm | 1 Palm Os | 2025-04-03 | 4.6 MEDIUM | N/A |
| PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | |||||
| CVE-2002-1041 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. | |||||
| CVE-2005-2954 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in password_reminder.php in ATutor before 1.5.1 pl1 allows remote attackers to execute arbitrary SQL commands via the email field. | |||||
| CVE-2005-1095 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2006-4744 | 1 Abidia | 2 Abidia Wireless, O-anywhere | 2025-04-03 | 5.0 MEDIUM | N/A |
| Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing. | |||||