Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1094 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2025-04-03 | 5.0 MEDIUM | N/A |
| Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request. | |||||
| CVE-2005-1990 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 5.1 MEDIUM | N/A |
| Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087. | |||||
| CVE-2005-2892 | 1 Pblang | 1 Pblang | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) in the u parameter. | |||||
| CVE-2006-0828 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to "reduce effectiveness of security features" via unknown attack vectors. | |||||
| CVE-2006-4657 | 1 Panda | 1 Panda Platinum Internet Security | 2025-04-03 | 7.2 HIGH | N/A |
| Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE. | |||||
| CVE-1999-1024 | 1 Lbl | 1 Tcpdump | 2025-04-03 | 7.5 HIGH | N/A |
| ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet. | |||||
| CVE-2006-3691 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php. | |||||
| CVE-2005-1785 | 1 Zongg | 1 Zongg | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ad/login.asp in ZonGG 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2006-2367 | 1 Clansys | 1 Clansys | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka Clanpage System) 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the func parameter in a search function. | |||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2025-04-03 | 2.1 LOW | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | |||||
| CVE-2000-1151 | 1 Abisoft | 1 Baxter | 2025-04-03 | 5.0 MEDIUM | N/A |
| Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2002-0710 | 1 Rod Clark | 1 Sendform.cgi | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in sendform.cgi 1.44 and earlier allows remote attackers to read arbitrary files by specifying the desired files in the BlurbFilePath parameter. | |||||
| CVE-2000-1207 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844). | |||||
| CVE-2004-1996 | 1 Simple Machines | 1 Smf | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag. | |||||
| CVE-2004-1171 | 3 Kde, Mandrakesoft, Redhat | 3 Kde, Mandrake Linux, Fedora Core | 2025-04-03 | 2.1 LOW | N/A |
| KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares. | |||||
| CVE-2000-0531 | 2 Caldera, Redhat | 3 Openlinux, Openlinux Eserver, Linux | 2025-04-03 | 2.1 LOW | N/A |
| Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets. | |||||
| CVE-2000-0040 | 1 Glftpd | 1 Glftpd | 2025-04-03 | 10.0 HIGH | N/A |
| glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. | |||||
| CVE-2004-2335 | 1 Macromedia | 2 Contribute, Studio | 2025-04-03 | 7.2 HIGH | N/A |
| The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program. | |||||
| CVE-2005-2848 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |||||
| CVE-2003-0725 | 1 Realnetworks | 2 Helix Universal Server, Realserver | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code. | |||||