Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1567 | 1 Directtopics | 1 Directtopics | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter. | |||||
| CVE-1999-0432 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| ftp on HP-UX 11.00 allows local users to gain privileges. | |||||
| CVE-2003-0276 | 1 Pi3 | 1 Pi3web | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters. | |||||
| CVE-2000-1007 | 1 Symantec | 1 I-gear | 2025-04-03 | 5.0 MEDIUM | N/A |
| I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors. | |||||
| CVE-2006-0414 | 1 Tor | 1 Tor | 2025-04-03 | 5.0 MEDIUM | N/A |
| Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server that attempts a large number of accesses of the hidden service, which eventually causes a circuit to be built through the malicious server. | |||||
| CVE-1999-0059 | 1 Sgi | 1 Irix | 2025-04-03 | 7.1 HIGH | 7.3 HIGH |
| IRIX fam service allows an attacker to obtain a list of all files on the server. | |||||
| CVE-2001-0425 | 1 Adcycle | 1 Adcycle | 2025-04-03 | 7.5 HIGH | N/A |
| AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information. | |||||
| CVE-2004-0176 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors. | |||||
| CVE-2002-1168 | 1 Ibm | 1 Websphere Caching Proxy Server | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response. | |||||
| CVE-1999-1203 | 1 Ascend | 1 Multilink Ppp For Isdn | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. | |||||
| CVE-2006-0536 | 1 Neomail | 1 Neomail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.27 allows remote attackers to inject arbitrary web script or HTML via the sort parameter. NOTE: some sources say that the affected parameter is "date," but the demonstration URL shows that it is "sort". | |||||
| CVE-2006-0971 | 1 Lionel Reyero | 1 Directcontact | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Lionel Reyero DirectContact 0.3b allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2005-2840 | 1 Maxdev | 1 Md-pro | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier have unknown impact and unspecified attack vectors, in one or more of the (1) Download, (2) Search, (3) Web links, (4) Blocks, (5) Messages, (6) News, (7) Comments, (8) Settings, (9) Stats or (10) subjects modules. | |||||
| CVE-2002-1906 | 1 Polycom | 1 Viavideo | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open. | |||||
| CVE-2006-0100 | 1 Nicosw | 1 Nicoftp | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in NicoFTP 3.0.1.19 and earlier might allow local users to execute arbitrary code via a long string in the "Name of site" field of an FTP account. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to create or modify FTP accounts in this program, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability. | |||||
| CVE-2002-1592 | 1 Apache | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2025-04-03 | 1.2 LOW | N/A |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | |||||
| CVE-2001-1179 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.2 HIGH | N/A |
| xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | |||||
| CVE-2004-1672 | 1 Icewarp | 1 Web Mail | 2025-04-03 | 7.5 HIGH | N/A |
| attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to view other users' attachments by specifying the username and message ID in an HTTP request. | |||||
| CVE-2000-1222 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. | |||||