Total
29520 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3394 | 1 Oaboard | 1 Oaboard | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in forum.php in oaboard forum 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) channel parameter in the topics module and (2) topic parameter in the posting module. | |||||
| CVE-2004-1855 | 1 Mythic Entertainment | 1 Dark Age Of Camelot | 2025-04-03 | 5.0 MEDIUM | N/A |
| Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack. | |||||
| CVE-2001-0966 | 1 Nudester.org | 1 Nudester | 2025-04-03 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command. | |||||
| CVE-2006-3427 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference. | |||||
| CVE-2006-3584 | 1 Jetbox | 1 Jetbox Cms | 2025-04-03 | 7.5 HIGH | N/A |
| Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables. | |||||
| CVE-2005-2438 | 1 Usebb | 1 Usebb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in UseBB 0.5.1 and earlier allows remote attackers to inject arbitrary Javascript via the BBCode color value. | |||||
| CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | |||||
| CVE-2000-0714 | 1 University Of Massachusetts | 1 Scheme | 2025-04-03 | 7.2 HIGH | N/A |
| umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files. | |||||
| CVE-2005-2813 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php. | |||||
| CVE-2001-0423 | 1 Sun | 1 Solaris | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093. | |||||
| CVE-2006-2876 | 1 Deltascripts | 1 Php Pro Publish | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-1999-0613 | 2025-04-03 | N/A | N/A | ||
| The rpc.sprayd service is running. | |||||
| CVE-2000-1153 | 1 Kenny Carruthers | 1 Postmaster | 2025-04-03 | 5.0 MEDIUM | N/A |
| PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2001-0842 | 1 Leoboard | 1 Lb5000 | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie. | |||||
| CVE-2002-1939 | 1 Flashfxp | 1 Flashfxp | 2025-04-03 | 2.1 LOW | N/A |
| FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties. | |||||
| CVE-2000-0522 | 1 Rsa | 1 Ace Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| RSA ACE/Server allows remote attackers to cause a denial of service by flooding the server's authentication request port with UDP packets, which causes the server to crash. | |||||
| CVE-2006-1657 | 1 Chucky A. Ivey | 1 N.t. | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ivey N.T. 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not filtered when the administrator views the "Login Log" page. | |||||
| CVE-2005-4241 | 1 Vcd-db | 1 Vcd-db | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter. | |||||
| CVE-2002-1749 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 7.2 HIGH | N/A |
| Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges. | |||||
| CVE-1999-1507 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash. | |||||