Total: 29549 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0684 | 1 Netscape | 1 Collabra Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | |||||
CVE-2006-0312 | 1 Mike Helton | 1 Aoblogger | 2025-04-03 | 5.0 MEDIUM | N/A |
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1. | |||||
CVE-2006-3444 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 7.5 HIGH | N/A |
Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, allows local users to obtain privileges via unspecified vectors involving an "unchecked buffer." | |||||
CVE-2006-3034 | 1 Myscrapbook | 1 Myscrapbook | 2025-04-03 | 5.0 MEDIUM | N/A |
MyScrapbook 3.1 allows remote attackers to obtain sensitive information via a direct request to files in the txt-db-api directory such as txt-db-api/sql.php, which reveals the path in an error message. | |||||
CVE-2006-1339 | 1 Cutephp | 1 Cutenews | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in inc/functions.inc.php in CuteNews 1.4.1 and possibly other versions, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the archive parameter in an HTTP POST or COOKIE request, which bypasses a sanity check that is only applied to a GET request. | |||||
CVE-2006-3758 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 7.5 HIGH | N/A |
inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) 1.1.4 calls the extract function with EXTR_OVERWRITE on HTTP POST and GET variables, which allows remote attackers to overwrite arbitrary variables, as demonstrated via an SQL injection using the _SERVER[HTTP_CLIENT_IP] parameter in archive/index.php. | |||||
CVE-2006-1131 | 1 Bitweaver | 1 Bitweaver | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the comment_title parameter. | |||||
CVE-2000-0326 | 1 On Technology | 1 Meeting Maker | 2025-04-03 | 5.0 MEDIUM | N/A |
Meeting Maker uses weak encryption (a polyalphabetic substitution cipher) for passwords, which allows remote attackers to sniff and decrypt passwords for Meeting Maker accounts. | |||||
CVE-1999-1385 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable. | |||||
CVE-2006-4493 | 1 Xbiff2 | 1 Xbiff2 | 2025-04-03 | 2.1 LOW | N/A |
xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which allows local users to obtain sensitive information such as login credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
CVE-2006-1536 | 1 Phoetux.net | 1 Phxcontacts | 2025-04-03 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93.1 beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) motclef and (2) nbr_line_view parameters in (a) carnet.php, and the (3) id_contact parameter in (b) contact_view.php. | |||||
CVE-2003-0877 | 1 Apple | 1 Mac Os X | 2025-04-03 | 4.6 MEDIUM | N/A |
Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory. | |||||
CVE-2001-0062 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 2.1 LOW | N/A |
procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang. | |||||
CVE-2006-1190 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 10.0 HIGH | N/A |
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code. | |||||
CVE-1999-0037 | 2 Freebsd, Redhat | 2 Freebsd, Linux | 2025-04-03 | 7.5 HIGH | N/A |
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. | |||||
CVE-2006-1675 | 1 Phpwebgallery | 1 Phpwebgallery | 2025-04-03 | 2.6 LOW | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) num, and (3) search parameters to (a) category.php, and the (4) slideshow, (5) show_metadata, and (6) start parameters to (b) picture.php, a different vulnerability than CVE-2006-1674. | |||||
CVE-1999-0599 | | | 2025-04-03 | 10.0 HIGH | N/A |
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers. | |||||
CVE-2004-2417 | 1 Smtp.proxy | 1 Smtp.proxy | 2025-04-03 | 7.5 HIGH | N/A |
Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) client hostname or (2) message-id, which are injected into a syslog message. | |||||
CVE-2004-2321 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 2.1 LOW | N/A |
BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword. | |||||
CVE-2006-0425 | 1 Oracle | 1 Weblogic Portal | 2025-04-03 | 5.0 MEDIUM | N/A |
BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain the source for a deployment descriptor file via unknown vectors. |