Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1162 | 1 Aladdin Enterprises | 1 Ghostscript | 2025-04-03 | 3.7 LOW | N/A |
| ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-1999-1190 | 1 Admiral Systems | 1 Emailclub | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message. | |||||
| CVE-2005-4141 | 1 Aspmforum | 1 Aspmforum | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASPMForum allow remote attackers to execute arbitrary SQL commands via the (1) harf parameter in kullanicilistesi.asp and (2) baslik parameter in forum.asp. | |||||
| CVE-2005-0792 | 1 Zpanel | 1 Zpanel | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ZPanel 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter to index.php or (2) page parameter to zpanel.php. | |||||
| CVE-2002-1350 | 1 Lbl | 1 Tcpdump | 2025-04-03 | 7.5 HIGH | N/A |
| The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash). | |||||
| CVE-2005-3320 | 1 Siteturn | 1 Domain Manager Pro | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager Pro allows remote attackers to inject arbitrary web script or HTML via the err parameter in the panel script. | |||||
| CVE-2004-1808 | 1 Metamail Corporation | 1 Metamail | 2025-04-03 | 2.1 LOW | N/A |
| Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2005-3243 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector. | |||||
| CVE-2002-1778 | 1 Symantec | 1 Norton Personal Firewall | 2025-04-03 | 7.5 HIGH | N/A |
| Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan. | |||||
| CVE-2004-1081 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | 2.1 LOW | N/A |
| The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session. | |||||
| CVE-2006-0780 | 1 Perlblog | 1 Perlblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in PerlBlog 1.09b and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) email parameters. | |||||
| CVE-2006-3270 | 1 Thorcms | 1 Thorcms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cms_admin.php in THoRCMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via multiple unspecified parameters, such as the add_link_mid parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | |||||
| CVE-1999-1528 | 1 Prosoft Engineering | 1 Netware Client | 2025-04-03 | 4.6 MEDIUM | N/A |
| ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session. | |||||
| CVE-2005-3456 | 1 Oracle | 1 E-business Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.9 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS04 in Application Object Library, and (2) APPS17, (3) APPS18, and (4) APPS21 in Workflow Cartridge. | |||||
| CVE-2002-0050 | 1 Microsoft | 1 Commerce Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data. | |||||
| CVE-2005-3957 | 1 Dotclear | 1 Dotclear | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Trackback functionality in DotClear 1.2.1 has unknown impact and attack vectors. | |||||
| CVE-2006-1164 | 1 Nodez | 1 Nodez | 2025-04-03 | 7.5 HIGH | N/A |
| Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat. | |||||
| CVE-1999-0528 | 2025-04-03 | 7.5 HIGH | N/A | ||
| A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of. | |||||
| CVE-2001-0820 | 1 Gaztek | 1 Ghttp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c. | |||||
| CVE-2003-0357 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors. | |||||