Total
29520 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0832 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. | |||||
| CVE-2005-1951 | 1 Oscommerce | 1 Oscommerce | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php. | |||||
| CVE-2003-1134 | 1 Sun | 1 Java | 2025-04-03 | 2.1 LOW | N/A |
| Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | |||||
| CVE-1999-1067 | 1 Sgi | 1 Irix | 2025-04-03 | 5.0 MEDIUM | N/A |
| SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities. | |||||
| CVE-2001-1251 | 2 Max Feoktistov, Vwebserver | 2 Small Http Server, Vwebserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to cause a denial of service via multiple long URL requests. | |||||
| CVE-2004-0085 | 1 Apple | 1 Mac Os X | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086. | |||||
| CVE-2005-1359 | 1 Text.cgi | 1 Text.cgi | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in text.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. | |||||
| CVE-2003-1177 | 1 Atrium Software | 1 Mercur Mailserver | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | |||||
| CVE-2006-2734 | 1 Mini-nuke | 1 Mini-nuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker. | |||||
| CVE-2005-3158 | 1 Php Fusion | 1 Php Fusion | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attackers to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and CVE-2005-3159. | |||||
| CVE-2002-0745 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in uucp in AIX 4.3.3. | |||||
| CVE-1999-1431 | 1 Microsoft | 1 Zero Administration Kit | 2025-04-03 | 4.6 MEDIUM | N/A |
| ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe. | |||||
| CVE-2006-0139 | 1 Pd9 Software | 1 Megabbs | 2025-04-03 | 5.0 MEDIUM | N/A |
| The send-private-message functionality (send-private-message.asp) in PD9 Software MegaBBS 2.1 allows remote attackers to read private messages of other users via a modified replyid parameter. | |||||
| CVE-2001-0101 | 1 Fetchmail | 1 Fetchmail | 2025-04-03 | 10.0 HIGH | N/A |
| Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command. | |||||
| CVE-2006-1450 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.5 HIGH | N/A |
| Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | |||||
| CVE-2002-1182 | 1 Microsoft | 1 Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned. | |||||
| CVE-1999-1167 | 1 Third Voice | 1 Third Voice Web | 2025-04-03 | 6.4 MEDIUM | N/A |
| Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation. | |||||
| CVE-2002-1389 | 1 Typespeed | 1 Typespeed | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in typespeed 0.4.2 and earlier allows local users to gain privileges via long input. | |||||
| CVE-2005-4272 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal. | |||||
| CVE-2004-1949 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via (1) the sif parameter to index.php in the Comments module or (2) timezoneoffset parameter to changeinfo.php in the Your_Account module. | |||||