Total
29516 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-1025 | 1 Unify | 1 Ewave Servletexec | 2025-04-03 | 5.0 MEDIUM | N/A |
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running. | |||||
CVE-2002-1661 | 1 Leafnode | 1 Leafnode | 2025-04-03 | 5.0 MEDIUM | N/A |
The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group. | |||||
CVE-2005-2314 | 1 Phpsftpd | 1 Phpsftpd | 2025-04-03 | 7.5 HIGH | N/A |
inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to obtain the administrator's username and password by setting the do_login parameter and performing an edit action using user.php, which causes the login check to be bypassed and leaks the password in the response. | |||||
CVE-1999-0476 | 1 Sco | 1 Openserver | 2025-04-03 | 7.2 HIGH | N/A |
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user. | |||||
CVE-2006-4135 | 1 Vincent Hor | 1 Calendarix | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in cal_config.inc.php in Calendarix 0.7.20060401 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the calpath parameter. NOTE: this issue has been disputed by a third party, who says that the affected $calpath variable is set to a constant value in the beginning of the script. CVE concurs that the initial report is invalid. | |||||
CVE-2004-1173 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model (DOM) methods in the DHTML Dynamic HTML (DHTML) Editing Component (DEC) and Javascript that calls showModalDialog. | |||||
CVE-2005-1665 | 1 Microsoft | 1 Asp.net | 2025-04-03 | 5.0 MEDIUM | N/A |
The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup. | |||||
CVE-2005-1002 | 1 Logics Software | 1 Log-ft | 2025-04-03 | 5.0 MEDIUM | N/A |
logwebftbs2000.exe in Logics Software File Transfer (LOG-FT) allows remote attackers to read arbitrary files via modified (1) VAR_FT_LANG and (2) VAR_FT_TMPL parameters. | |||||
CVE-2005-3054 | 1 Php | 1 Php | 2025-04-03 | 2.1 LOW | N/A |
fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory. | |||||
CVE-2003-1144 | 1 Perception | 1 Liteserve | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name. | |||||
CVE-1999-0123 | 1 Slackware | 1 Slackware Linux | 2025-04-03 | 3.7 LOW | N/A |
Race condition in Linux mailx command allows local users to read user files. | |||||
CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | |||||
CVE-1999-0533 | | | 2025-04-03 | 7.5 HIGH | N/A |
A DNS server allows inverse queries. | |||||
CVE-2006-3844 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2025-04-03 | 6.5 MEDIUM | N/A |
Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitrary commands via a long argument to the LIST command, a different issue than CVE-2006-2027. | |||||
CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2025-04-03 | 7.2 HIGH | N/A |
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | |||||
CVE-2006-2975 | 1 Pbl Guestbook | 1 Pbl Guestbook | 2025-04-03 | 2.6 LOW | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. NOTE: portions of this description's details are obtained from third party information. | |||||
CVE-1999-0396 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2025-04-03 | 2.6 LOW | N/A |
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | |||||
CVE-2003-0417 | 1 Super-m | 1 Son Hserver | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Son hServer 0.2 allows remote attackers to read arbitrary files via ".|." (modified dot-dot) sequences. | |||||
CVE-1999-0211 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
Extra long export lists over 256 characters in some mount daemons allow NFS directories to be mounted by anyone. | |||||
CVE-2005-2248 | 1 Sven-ove Bjerkan | 1 Downloadprotect | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in DownloadProtect before 1.0.3 allows remote attackers to read files above the download folder. |