Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1337 | 3 Conectiva, Gnu, Ubuntu | 3 Linux, Realtime Linux Security Module, Ubuntu Linux | 2025-04-03 | 7.2 HIGH | N/A |
| The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. | |||||
| CVE-2005-4695 | 1 Symantec | 1 Brightmail Antispam | 2025-04-03 | 5.0 MEDIUM | N/A |
| Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages. | |||||
| CVE-1999-0446 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
| Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS. | |||||
| CVE-2006-0561 | 1 Cisco | 1 Secure Access Control Server | 2025-04-03 | 7.2 HIGH | N/A |
| Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key. | |||||
| CVE-2005-0675 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters. | |||||
| CVE-2004-1794 | 1 Vcard4j | 1 Vcard4j | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard. | |||||
| CVE-2004-0062 | 1 Fishnet | 1 Fishcart | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity. | |||||
| CVE-1999-0220 | 2025-04-03 | 10.0 HIGH | N/A | ||
| Attackers can do a denial of service of IRC by crashing the server. | |||||
| CVE-2004-0497 | 7 Conectiva, Gentoo, Linux and 4 more | 9 Linux, Linux, Linux Kernel and 6 more | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. | |||||
| CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2005-3813 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | 4.0 MEDIUM | N/A |
| IMAP service (meimaps.exe) of MailEnable Professional 1.7 and Enterprise 1.1 allows remote authenticated attackers to cause a denial of service (application crash) by using RENAME with a non-existent mailbox, a different vulnerability than CVE-2005-3690. | |||||
| CVE-2002-1598 | 1 Broadcom | 1 Mlink | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to execute arbitrary code via long command line arguments to (1) mlclear or (2) mllock. | |||||
| CVE-2004-1932 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter. | |||||
| CVE-2006-4684 | 1 Zope | 1 Zope | 2025-04-03 | 5.0 MEDIUM | N/A |
| The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458. | |||||
| CVE-2005-1368 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 1.2 LOW | N/A |
| The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP. | |||||
| CVE-2005-3316 | 1 Symantec | 2 Discovery, On Command Discovery | 2025-04-03 | 7.5 HIGH | N/A |
| The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password. | |||||
| CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 7 Linux, Debian Linux, Freebsd and 4 more | 2025-04-03 | 7.2 HIGH | N/A |
| Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | |||||
| CVE-1999-0522 | 2025-04-03 | 7.2 HIGH | N/A | ||
| The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate. | |||||
| CVE-2004-1186 | 1 Gnu | 1 Enscript | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash). | |||||
| CVE-2004-0250 | 1 Photopost | 1 Photopost Php Pro | 2025-04-03 | 10.0 HIGH | N/A |
| SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain privileges via (1) the product parameter in showproduct.php or (2) the cat parameter in showcat.php. | |||||