Total
29548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1195 | 1 Vienuke | 1 Vieboard | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execute arbitrary SQL commands via the msn variable. | |||||
| CVE-2005-4043 | 1 Hobosworld | 1 Hobsr | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in Hobosworld HobSR 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) arrange and (2) p parameters. | |||||
| CVE-2001-1032 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to copy. | |||||
| CVE-2002-0664 | 1 Granite Software | 1 Zmerge | 2025-04-03 | 7.5 HIGH | N/A |
| The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts. | |||||
| CVE-2003-1135 | 1 Yahoo | 1 Messenger | 2025-04-03 | 2.6 LOW | N/A |
| Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | |||||
| CVE-2002-0234 | 1 Juniper | 1 Netscreen Screenos | 2025-04-03 | 2.1 LOW | N/A |
| NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections. | |||||
| CVE-2006-1452 | 1 Apple | 1 Mac Os X | 2025-04-03 | 4.6 MEDIUM | N/A |
| Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. | |||||
| CVE-2001-0593 | 1 Anaconda Partners | 1 Clipper | 2025-04-03 | 5.0 MEDIUM | N/A |
| Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the template parameter. | |||||
| CVE-2004-0568 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. | |||||
| CVE-2000-0282 | 1 Talentsoft | 1 Web\+ | 2025-04-03 | 5.0 MEDIUM | N/A |
| TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program. | |||||
| CVE-2002-0856 | 1 Oracle | 2 Database Server, Oracle9i | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature. | |||||
| CVE-2002-1431 | 1 Belkin | 1 F5d5230-4 4-port Cable Dsl Gateway Router | 2025-04-03 | 7.5 HIGH | N/A |
| Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server. | |||||
| CVE-2006-0956 | 1 Nufw | 1 Nufw Firewall | 2025-04-03 | 1.7 LOW | N/A |
| nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server. | |||||
| CVE-2000-0652 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. | |||||
| CVE-2004-0580 | 1 Linksys | 12 Befcmu10, Befn2ps4, Befsr11 and 9 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2000-0891 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 7.5 HIGH | N/A |
| A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. | |||||
| CVE-2002-0409 | 1 Microsoft | 1 .net Framework | 2025-04-03 | 5.0 MEDIUM | N/A |
| orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter. | |||||
| CVE-2005-0125 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user. | |||||
| CVE-2006-1508 | 1 Mh Software | 1 Connect Daily | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MH Software Connect Daily Web Calendar Software 3.2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) calendar_id, (2) style_sheet, and (3) start parameters in (a) ViewDay.html; the (4) txtSearch and (5) opgSearch parameters in (b) ViewSearch.html; the (6) calendar_id and (7) approved parameters in (c) ViewYear.html; the (8) item_type_id parameter in (d) ViewCal.html; and the (9) week parameter in (e) ViewWeek.html. | |||||
| CVE-2001-0735 | 1 Infodrom | 1 Cfingerd | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file. | |||||