Total
29549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2253 | 1 Netwin | 1 Surgeldap | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command. | |||||
| CVE-2005-0357 | 2 Emc, Sun | 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software | 2025-04-03 | 7.5 HIGH | N/A |
| EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID. | |||||
| CVE-2006-4087 | 1 Mojoscripts | 1 Mojogallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.com mojoGallery allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2001-0346 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them. | |||||
| CVE-2000-1141 | 1 Recourse Technologies | 1 Mantrap | 2025-04-03 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which allows attackers to determine that they are in a honeypot system. | |||||
| CVE-1999-1327 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable. | |||||
| CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. | |||||
| CVE-2002-1807 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
| CVE-2006-3322 | 1 Spiffyjr | 1 Phpraid | 2025-04-03 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in includes/functions_logging.php in phpRaid 3.0.5, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the log_hack function. | |||||
| CVE-2003-0924 | 1 Netpbm | 1 Netpbm | 2025-04-03 | 3.7 LOW | N/A |
| netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | |||||
| CVE-1999-0429 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 7.5 HIGH | N/A |
| The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference. | |||||
| CVE-2005-2918 | 1 Gtkdiskfree | 1 Gtkdiskfree | 2025-04-03 | 5.0 MEDIUM | N/A |
| The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the gtkdiskfree temporary file. | |||||
| CVE-2004-1197 | 1 Insite | 2 Inmail, Inshop | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in inshop.pl in Insite inShop allows remote attackers to inject arbitrary web script or HTML via the screen parameter. | |||||
| CVE-2005-3082 | 1 Seo-board | 1 Seo-board | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.php in SEO-Board 1.0.2 allows remote attackers to execute arbitrary SQL commands via the user_pass_sha1 value in a cookie. | |||||
| CVE-2001-0072 | 1 Gnu | 1 Privacy Guard | 2025-04-03 | 5.0 MEDIUM | N/A |
| gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. | |||||
| CVE-2004-1591 | 1 Micronet | 1 Sp916bm | 2025-04-03 | 7.5 HIGH | N/A |
| The web interface for Micronet Wireless Broadband Router SP916BM running firmware before 1.9 08/04/2004 resets the password to the default password when the router is shut off, which could allow remote attackers to gain access. | |||||
| CVE-1999-0353 | 1 Hp | 1 Hp-ux | 2025-04-03 | 9.3 HIGH | N/A |
| rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. | |||||
| CVE-2002-1392 | 1 Gert Doering | 1 Mgetty | 2025-04-03 | 2.1 LOW | N/A |
| faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | |||||
| CVE-1999-0038 | 7 Bsdi, Data General, Debian and 4 more | 8 Bsd Os, Dg Ux, Debian Linux and 5 more | 2025-04-03 | 7.2 HIGH | 8.4 HIGH |
| Buffer overflow in xlock program allows local users to execute commands as root. | |||||
| CVE-2006-1603 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||