Total
29521 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3697 | 1 Uresk Links | 1 Uresk Links | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php. | |||||
| CVE-2002-1561 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | |||||
| CVE-2002-0552 | 1 Melange | 1 Melange Chat System | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configuration file, (3) long file names, or possibly other attacks. | |||||
| CVE-2004-0496 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 13 Linux, Linux Kernel, Mandrake Linux and 10 more | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | |||||
| CVE-2003-0631 | 1 Vmware | 2 Gsx Server, Workstation | 2025-04-03 | 7.2 HIGH | N/A |
| VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. | |||||
| CVE-2001-0484 | 1 Tek | 1 Phaserlink | 2025-04-03 | 6.4 MEDIUM | N/A |
| Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the pages. | |||||
| CVE-2000-0659 | 1 Analogx | 1 Proxy | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request. | |||||
| CVE-2004-1915 | 1 Lcdproc | 1 Lcdproc | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote attackers to execute arbitrary code via a large number of arguments. | |||||
| CVE-2004-2407 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality. | |||||
| CVE-2006-0792 | 1 V-webmail | 1 V-webmail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in preferences.personal.php in V-webmail 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the newid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2004-2418 | 1 Whitsoft Development | 1 Slimftpd | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in SlimFTPd 3.15 and earlier allows local users to execute arbitrary code via a long command, such as (1) CWD, (2) STOR, (3) MKD, and (4) STAT. | |||||
| CVE-2000-0301 | 1 Ipswitch | 1 Imail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. | |||||
| CVE-2000-0124 | 1 Surfcontrol | 1 Superscout | 2025-04-03 | 2.1 LOW | N/A |
| surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions. | |||||
| CVE-1999-1009 | 1 Disney | 1 Go Express Search | 2025-04-03 | 2.6 LOW | N/A |
| The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. | |||||
| CVE-2002-0071 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. | |||||
| CVE-2006-3069 | 1 Iglooweb | 1 Doublespeak | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in DoubleSpeak 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the config[private] parameter in multiple files, as demonstrated by (1) index.php, (2) faq.php, and (3) hardware.php. NOTE: this issue has been disputed by multiple third-party researchers, who state that config[private] is initialized in an include file before being used | |||||
| CVE-2003-0359 | 1 Stichting Mathematisch Centrum | 1 Nethack | 2025-04-03 | 4.6 MEDIUM | N/A |
| nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code. | |||||
| CVE-2005-4728 | 1 Debian | 1 Amaya | 2025-04-03 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian GNU/Linux allows local users to gain privileges via a malicious Mesa library in the /home/anand directory. | |||||
| CVE-2003-0291 | 1 3com | 1 3cp4144 | 2025-04-03 | 5.0 MEDIUM | N/A |
| 3com OfficeConnect Remote 812 ADSL Router 1.1.7 does not properly clear memory from DHCP responses, which allows remote attackers to identify the contents of previous HTTP requests by sniffing DHCP packets. | |||||
| CVE-2006-4849 | 1 Mobilepublisherphp | 1 Mobilepublisherphp | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in header.php in MobilePublisherPHP 1.5 RC2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter. | |||||