Total
29521 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1257 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2025-04-03 | 10.0 HIGH | N/A |
| Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail. | |||||
| CVE-2006-4832 | 1 Verso Netperformer | 1 Frame Relay Access Device Act | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via a long username. | |||||
| CVE-2002-1840 | 1 Irssi | 1 Irssi | 2025-04-03 | 10.0 HIGH | N/A |
| irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system. | |||||
| CVE-2001-0548 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable. | |||||
| CVE-2006-4078 | 1 Deluxebb | 1 Deluxebb | 2025-04-03 | 7.5 HIGH | N/A |
| pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote attackers to bypass authentication by providing an arbitrary username in the membercookie cookie parameter. | |||||
| CVE-1999-1173 | 1 Corel | 1 Wordperfect | 2025-04-03 | 2.1 LOW | N/A |
| Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlink attack. | |||||
| CVE-2005-1882 | 1 Yapig | 1 Yapig | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIG_PATH parameter. | |||||
| CVE-2005-4038 | 1 Web4future | 1 Portal Solutions | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comentarii.php in Web4Future Portal Solutions News Portal allows remote attackers to execute arbitrary SQL commands via the idp parameter. | |||||
| CVE-2003-0557 | 1 Lagarde | 1 Storefront | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field. | |||||
| CVE-2001-0140 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2025-04-03 | 1.2 LOW | N/A |
| arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
| CVE-2006-4032 | 1 Cisco | 1 Callmanager Express | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Cisco IOS CallManager Express (CME) allows remote attackers to gain sensitive information (user names) from the Session Initiation Protocol (SIP) user directory via certain SIP messages, aka bug CSCse92417. | |||||
| CVE-2002-0577 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | N/A |
| Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | |||||
| CVE-2004-2005 | 1 Qualcomm | 1 Eudora | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name. | |||||
| CVE-2002-1848 | 1 Tightvnc | 1 Tightvnc | 2025-04-03 | 2.1 LOW | N/A |
| TightVNC before 1.2.4 running on Windows stores unencrypted passwords in the password text control of the WinVNC Properties dialog, which could allow local users to access passwords. | |||||
| CVE-2005-1202 | 1 Egroupware | 1 Egroupware | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eGroupware before 1.0.0.007 allow remote attackers to inject arbitrary web script or HTML via the (1) ab_id, (2) page, (3) type, or (4) lang parameter to index.php or (5) category_id parameter. | |||||
| CVE-2002-1352 | 1 Per Magne Knutsen | 1 Cartman | 2025-04-03 | 5.0 MEDIUM | N/A |
| Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product prices by changing the price parameter. | |||||
| CVE-2005-0684 | 1 Mysql | 1 Maxdb | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. | |||||
| CVE-2002-0451 | 1 Phpprojekt | 1 Phpprojekt | 2025-04-03 | 7.5 HIGH | N/A |
| filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote attackers to execute arbitrary PHP code by specifying the URL to the code in the lib_path parameter. | |||||
| CVE-2006-3457 | 1 Symantec | 2 On-demand Agent, On-demand Protection | 2025-04-03 | 2.1 LOW | N/A |
| Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the Virtual Desktop module in Symantec On-Demand Protection (SODP) before 2.6 Build 2233, do not properly encrypt files that are subject to policy-based automatic encryption, which might allow local users to read sensitive data via an unspecified decryption method. | |||||
| CVE-2005-2850 | 1 Whitsoft Development | 1 Slimftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error. | |||||