Total: 29548 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0492 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-03 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter. | |||||
CVE-1999-0094 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A |
AIX piodmgrsu command allows local users to gain additional group privileges. | |||||
CVE-2005-3815 | 1 Greywyvern | 1 Orca Forum | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in forum.php in Orca Forum 4.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter. | |||||
CVE-1999-1262 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.1 MEDIUM | N/A |
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. | |||||
CVE-2001-1439 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | N/A |
Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit. | |||||
CVE-1999-0971 | 1 University Of Cambridge | 1 Exim | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file. | |||||
CVE-2001-1545 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing. | |||||
CVE-2002-1379 | 1 Openldap | 1 Openldap | 2025-04-03 | 7.5 HIGH | N/A |
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. | |||||
CVE-2003-0538 | 1 Mozart | 1 Mozart | 2025-04-03 | 7.5 HIGH | N/A |
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program. | |||||
CVE-2005-1160 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 5.1 MEDIUM | N/A |
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object. | |||||
CVE-2006-2318 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | 7.5 HIGH | N/A |
Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server. | |||||
CVE-2001-1162 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2025-04-03 | 10.0 HIGH | N/A |
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | |||||
CVE-2000-0668 | 3 Conectiva, Michael K. Johnson, Redhat | 3 Linux, Pam Console, Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled. | |||||
CVE-2006-2020 | 1 Asteriskathome | 1 Asteriskathome | 2025-04-03 | 7.8 HIGH | N/A |
Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores recordings/includes/main.conf under the web document root with insufficient access control, which allows remote attackers to obtain password information. | |||||
CVE-1999-1433 | 1 Hp | 1 Jetadmin | 2025-04-03 | 7.2 HIGH | N/A |
HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file. | |||||
CVE-2006-0310 | 1 Mike Helton | 1 Aoblogger | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in aoblogger 2.3 allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag. | |||||
CVE-2006-3031 | 1 Fipsasp | 1 Fipscms | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4) calw parameters. | |||||
CVE-2006-3375 | 1 Randshop | 1 Randshop | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in includes/header.inc.php in Randshop 1.1.1 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter. | |||||
CVE-2005-2803 | 1 Hiki | 1 Hiki | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via a page name in a Login link, a different vulnerability than CVE-2005-2336. | |||||
CVE-2002-0292 | 1 Open Source Development Network | 1 Slashcode | 2025-04-03 | 2.6 LOW | N/A |
Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field. |