Total: 29549 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2086 | 1 Squirrelmail | 1 Squirrelmail | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an IMG tag. | |||||
CVE-2003-0747 | 1 Sap | 1 Internet Transaction Server | 2025-04-03 | 5.0 MEDIUM | N/A |
wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~language, (4) ~theme, or (5) ~template, which leaks the information in the resulting error message. | |||||
CVE-2006-1391 | 1 Pablo Software Solutions | 2 Baby Asp Web Server, Quick And Easy Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allow remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension of a URL. | |||||
CVE-2005-3487 | 1 Scorched 3d | 1 Scorched 3d | 2025-04-03 | 7.5 HIGH | N/A |
Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, (4) a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message, (5) a long UniqueID value in Logger.cpp, and possibly other unspecified vectors. | |||||
CVE-1999-1195 | 1 Network Associates | 1 Virusscan | 2025-04-03 | 5.1 MEDIUM | N/A |
NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. | |||||
CVE-2006-0988 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2025-04-03 | 7.8 HIGH | N/A |
The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | |||||
CVE-2002-2104 | 1 Ganglia | 1 Php Rrd Web Client | 2025-04-03 | 7.5 HIGH | N/A |
graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers to execute arbitrary commands via the command parameter, which is provided to the passthru function. | |||||
CVE-2004-2249 | 1 Goosequill | 1 Audienceconnect Secureeditor | 2025-04-03 | 7.5 HIGH | N/A |
Unknown vulnerability in the "access code" in SecureEditor before 0.1.2 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions. | |||||
CVE-2000-0035 | 1 Great Circle Associates | 1 Majordomo | 2025-04-03 | 4.6 MEDIUM | N/A |
resend command in Majordomo allows local users to gain privileges via shell metacharacters. | |||||
CVE-2006-1887 | 1 Oracle | 1 Enterpriseone | 2025-04-03 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01. | |||||
CVE-2003-0283 | 1 Phorum | 1 Phorum | 2025-04-03 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail. | |||||
CVE-1999-1194 | 1 Digital | 1 Ultrix | 2025-04-03 | 7.2 HIGH | N/A |
chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges. | |||||
CVE-2004-1973 | 1 Digi | 1 Www Server | 2025-04-03 | 5.0 MEDIUM | N/A |
DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters. | |||||
CVE-2004-0806 | 1 Cdrtools | 1 Cdrecord | 2025-04-03 | 7.2 HIGH | N/A |
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges. | |||||
CVE-2000-0915 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name. | |||||
CVE-2002-1885 | 1 Powerphlogger | 1 Powerphlogger | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter. | |||||
CVE-2002-0168 | 1 Enlightenment | 1 Imlib | 2025-04-03 | 7.5 HIGH | N/A |
Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption. | |||||
CVE-2005-3493 | 1 Afsl Games | 1 Battle Carry | 2025-04-03 | 5.0 MEDIUM | N/A |
Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on the server's UDP port. | |||||
CVE-2005-0935 | 1 Esmi | 1 Paypal Storefront | 2025-04-03 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php. | |||||
CVE-2001-1056 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request. | |||||