Total
29516 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0975 | 1 Anaconda Partners | 1 Foundation Directory | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-1038 | 1 Ibm | 1 As400 Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request. | |||||
| CVE-2001-1377 | 11 Freeradius, Gnu, Icradius and 8 more | 11 Freeradius, Radius, Icradius and 8 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. | |||||
| CVE-2002-2023 | 1 Yamaguchi | 1 Shingo Beep2 | 2025-04-03 | 2.1 LOW | N/A |
| The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and 1.2, when installed setuid root, allows local users to read arbitrary files via unknown attack vectors. | |||||
| CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2025-04-03 | 1.2 LOW | N/A |
| rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | |||||
| CVE-2005-1961 | 1 Objectweb | 1 Consortium C-jdbc | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 allows local users to bypass intended access restrictions and obtain the cache results from another user. | |||||
| CVE-2000-0290 | 1 4d | 1 Webstar Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request. | |||||
| CVE-2005-3230 | 1 Panda | 1 Activescan | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2006-1568 | 1 Redcms | 1 Redcms | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in register.php in RedCMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) email, (2) location, or (3) website parameters. | |||||
| CVE-2005-3197 | 1 Webroot Software | 1 Desktop Firewall | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list. | |||||
| CVE-2005-3447 | 1 Oracle | 2 Application Server, Database Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Application Server 9.0.2.3 up to 9.0.4.2 has unknown impact and attack vectors, aka Oracle Vuln# DB33 and AS08. | |||||
| CVE-2005-1643 | 1 Jorg Ruppel | 1 Zoidcom | 2025-04-03 | 5.0 MEDIUM | N/A |
| The ZCom_BitStream::Deserialize function in Zoidcom 1.0 beta 4 and earlier allows remote attackers to cause a denial of service via a crafted UDP packet with a large size value, which causes a memory allocation error or an out-of-bounds read. | |||||
| CVE-2005-3545 | 1 Ibproarcade | 1 Ibproarcade | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2002-0980 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL. | |||||
| CVE-2002-1089 | 1 Oracle | 2 Application Server, Reports | 2025-04-03 | 5.0 MEDIUM | N/A |
| rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks. | |||||
| CVE-2002-0453 | 1 Oblix | 1 Netpoint | 2025-04-03 | 7.5 HIGH | N/A |
| The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again. | |||||
| CVE-2004-1620 | 1 S9y | 1 Serendipity | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php. | |||||
| CVE-2003-0287 | 1 Six Apart | 1 Movable Type | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, and possibly other versions including 2.63, allows remote attackers to insert arbitrary web script or HTML via the Name textbox, possibly when the "Allow HTML in comments?" option is enabled. | |||||
| CVE-2001-0953 | 1 Nara Vision | 1 Kebi Community | 2025-04-03 | 10.0 HIGH | N/A |
| Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root. | |||||
| CVE-2005-1817 | 1 Invision Power Services | 1 Invision Board | 2025-04-03 | 5.0 MEDIUM | N/A |
| Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters. | |||||