Total
29548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0864 | 1 Sco | 1 Unixware | 2025-04-03 | 7.2 HIGH | N/A |
| UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file. | |||||
| CVE-2002-0349 | 1 Tiny Software | 1 Tiny Personal Firewall | 2025-04-03 | 4.6 MEDIUM | N/A |
| Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions. | |||||
| CVE-2005-2969 | 1 Openssl | 1 Openssl | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack. | |||||
| CVE-2001-0767 | 1 Steve Poulsen | 1 Guildftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET. | |||||
| CVE-2006-1395 | 1 Cholod | 1 Mysql Based Message Board | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-4110 | 1 Apache | 1 Http Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems. | |||||
| CVE-1999-0169 | 1 Sun | 1 Nfs | 2025-04-03 | 10.0 HIGH | N/A |
| NFS allows attackers to read and write any file on the system by specifying a false UID. | |||||
| CVE-1999-0124 | 1 University Of Minnesota | 1 Gopherd | 2025-04-03 | 10.0 HIGH | N/A |
| Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon. | |||||
| CVE-2005-0650 | 1 Projectbb | 1 Projectbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to inject arbitrary web script or HTML via (1) the pages parameter to divers.php (incorrectly referred to as "drivers.php" by some sources), (2) in the search feature text area, (3) forum name, (4) site name or (5) the maximum avatar size in the option section, (5) new category or (6) new forum fields in the forum section. | |||||
| CVE-2005-0147 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 7.5 HIGH | N/A |
| Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials. | |||||
| CVE-2005-3665 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation. | |||||
| CVE-2005-0236 | 1 Omnigroup | 1 Omniweb | 2025-04-03 | 5.0 MEDIUM | N/A |
| The International Domain Name (IDN) support in Omniweb 5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
| CVE-2002-0520 | 1 Asp-nuke | 1 Asp-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag. | |||||
| CVE-2005-0637 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. | |||||
| CVE-2004-1728 | 1 British National Corpus | 1 Sara | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string. | |||||
| CVE-2006-2002 | 1 Mygamingladder | 1 Mygamingladder | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in stats.php in MyGamingLadder 7.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir[base] parameter. | |||||
| CVE-2003-0491 | 1 Mytutorials | 1 Tutorials | 2025-04-03 | 7.5 HIGH | N/A |
| The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file. | |||||
| CVE-2001-0337 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests. | |||||
| CVE-2000-0781 | 1 Ca | 1 Arcserve Backup | 2025-04-03 | 7.2 HIGH | N/A |
| uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved. | |||||
| CVE-2003-1180 | 1 Advanced Poll | 1 Advanced Poll | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. sequences in the base_path or pollvars[lang] parameters to the admin files (1) index.php, (2) admin_tpl_new.php, (3) admin_tpl_misc_new.php, (4) admin_templates_misc.php, (5) admin_templates.php, (6) admin_stats.php, (7) admin_settings.php, (8) admin_preview.php, (9) admin_password.php, (10) admin_logout.php, (11) admin_license.php, (12) admin_help.php, (13) admin_embed.php, (14) admin_edit.php, or (15) admin_comment.php. | |||||