Total
29536 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0863 | 1 Microsoft | 5 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." | |||||
| CVE-2005-0895 | 1 Netcomm | 1 Nb1300 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a large number of ping packets. | |||||
| CVE-2005-1174 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | 5.0 MEDIUM | N/A |
| MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory. | |||||
| CVE-2003-0577 | 1 Mpg123 | 1 Mpg123 | 2025-04-03 | 7.5 HIGH | N/A |
| mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size. | |||||
| CVE-2006-0400 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." | |||||
| CVE-2001-0026 | 1 Roaring Penguin | 1 Pppoe | 2025-04-03 | 5.0 MEDIUM | N/A |
| rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option. | |||||
| CVE-2005-2422 | 1 Beehive Forum | 1 Beehive Forum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum allows remote attackers to inject arbitrary web script or HTML via the webtag parameter. | |||||
| CVE-2004-2210 | 1 Express-web | 1 Express-web Content Management System | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp. | |||||
| CVE-2005-1027 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in the Your_Account module, (2) avatarcategory parameter in the Your_Account module, or (3) lid parameter in the Downloads module. | |||||
| CVE-2004-0353 | 1 Gnu | 1 Anubis | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | |||||
| CVE-2004-1645 | 1 Jerod Moemeka | 1 Xedus | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x. | |||||
| CVE-2004-0042 | 1 Beasts | 1 Vsftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames. | |||||
| CVE-2006-3922 | 1 Portailphp | 1 Portailphp | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | |||||
| CVE-2005-2236 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments. | |||||
| CVE-2005-0643 | 1 Mcafee | 1 Antivirus Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files. | |||||
| CVE-2005-1501 | 1 Midicart Software | 1 Midicart Php Shopping Cart | 2025-04-03 | 7.5 HIGH | N/A |
| MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive information via a direct request to (1) search_list.php, (2) item_list.php, or (3) item_show.php, which reveal the path in a PHP error message. | |||||
| CVE-2006-3810 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct. | |||||
| CVE-2006-3040 | 1 Amr Talkbox | 1 Amr Talkbox | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in talkbox.php in Amr Talkbox allows remote attackers to execute arbitrary PHP code via a URL in the direct parameter. NOTE: this issue has been disputed by CVE, since the $direct variable is set to a static value just before the include statement | |||||
| CVE-2001-0180 | 1 Lars Ellingsen | 1 Guestserver | 2025-04-03 | 10.0 HIGH | N/A |
| Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter. | |||||
| CVE-2004-0946 | 2 Nfs, Redhat | 3 Nfs-utils, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | 10.0 HIGH | N/A |
| rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request. | |||||