Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3906 | 1 Cisco | 21 Adaptive Security Appliance Software, Ios, Pix Asa Ids and 18 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. | |||||
| CVE-2006-0979 | 1 Nidelven It | 1 Issue Dealer | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack vectors. | |||||
| CVE-2006-2398 | 1 Gphotos | 1 Gphotos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in GPhotos 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rep parameter. | |||||
| CVE-2005-0234 | 1 Apple | 1 Safari | 2025-04-03 | 5.0 MEDIUM | N/A |
| The International Domain Name (IDN) support in Safari 1.2.5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
| CVE-2005-3515 | 1 Chipmunk Scripts | 1 Chipmunk Topsites | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | |||||
| CVE-2003-0934 | 1 Symbol Technologies | 1 Pdt | 2025-04-03 | 4.6 MEDIUM | N/A |
| Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network. | |||||
| CVE-2005-2267 | 1 Mozilla | 1 Firefox | 2025-04-03 | 7.5 HIGH | N/A |
| Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL. | |||||
| CVE-2005-1562 | 1 Maxwebportal | 1 Maxwebportal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MaxWebPortal 1.3.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fpassword parameter to inc_functions.asp, (2) txtAddress, (3) message, or (4) subject parameter to post_info.asp, (5) andor parameter to search.asp, (6) verkey parameter to pop_profile.asp, or (7) Remove or (8) Delete parameter to pm_delete2.asp. | |||||
| CVE-2005-2183 | 1 Phpxmail | 1 Phpxmail | 2025-04-03 | 7.5 HIGH | N/A |
| class.xmail.php in PhpXmail 0.7 through 1.1 does not properly handle large passwords, which prevents an error message from being returned and allows remote attackers to bypass authentication and gain unauthorized access. | |||||
| CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 7.5 HIGH | N/A |
| Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | |||||
| CVE-2006-1836 | 1 Symantec | 6 Liveupdate, Norton Antivirus, Norton Internet Security and 3 more | 2025-04-03 | 6.8 MEDIUM | N/A |
| Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program. | |||||
| CVE-2005-3697 | 1 Uresk Links | 1 Uresk Links | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php. | |||||
| CVE-2002-1561 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | |||||
| CVE-2002-0552 | 1 Melange | 1 Melange Chat System | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configuration file, (3) long file names, or possibly other attacks. | |||||
| CVE-2004-0496 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 13 Linux, Linux Kernel, Mandrake Linux and 10 more | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | |||||
| CVE-2003-0631 | 1 Vmware | 2 Gsx Server, Workstation | 2025-04-03 | 7.2 HIGH | N/A |
| VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. | |||||
| CVE-2001-0484 | 1 Tek | 1 Phaserlink | 2025-04-03 | 6.4 MEDIUM | N/A |
| Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the pages. | |||||
| CVE-2000-0659 | 1 Analogx | 1 Proxy | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request. | |||||
| CVE-2004-1915 | 1 Lcdproc | 1 Lcdproc | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote attackers to execute arbitrary code via a large number of arguments. | |||||
| CVE-2004-2407 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality. | |||||