Total
29514 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-2786 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-03 | 2.6 LOW | N/A |
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client. | |||||
CVE-2005-1354 | 1 Forum.pl | 1 Forum.pl | 2025-04-03 | 7.5 HIGH | N/A |
The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | |||||
CVE-2002-0042 | 1 Sgi | 1 Irix | 2025-04-03 | 2.1 LOW | N/A |
Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS. | |||||
CVE-1999-1448 | 1 Qualcomm | 2 Eudora, Eudora Light | 2025-04-03 | 5.0 MEDIUM | N/A |
Eudora and Eudora Light before 3.05 allow remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which cause a segmentation fault. | |||||
CVE-2005-4827 | 2 Canon, Microsoft | 3 Network Camera Server Vb101, Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks. | |||||
CVE-1999-0765 | 1 Sgi | 1 Irix | 2025-04-03 | 10.0 HIGH | N/A |
SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. | |||||
CVE-2006-4303 | 1 Sun | 1 Solaris | 2025-04-03 | 2.6 LOW | N/A |
Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers to cause a denial of service ("tight loop" and CPU consumption for listener applications) via unknown vectors related to TCP fusion (do_tcp_fusion). | |||||
CVE-1999-1141 | 1 Ascom | 1 Timeplex Routers | 2025-04-03 | 7.5 HIGH | N/A |
Ascom Timeplex router allows remote attackers to obtain sensitive information or conduct unauthorized activities by entering debug mode through a sequence of CTRL-D characters. | |||||
CVE-2006-2830 | 1 Tibco | 3 Hawk, Rendezvous, Runtime Agent | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface. | |||||
CVE-1999-1085 | 1 Ssh | 1 Secure Shell | 2025-04-03 | 5.0 MEDIUM | N/A |
SSH 1.2.25, 1.2.23, and other versions, when used in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack." | |||||
CVE-2005-4764 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 7.8 HIGH | N/A |
BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out the admin user account after multiple incorrect password guesses, which allows remote attackers who know or guess the admin account name to cause a denial of service (blocked admin logins). | |||||
CVE-2005-3339 | 1 Mantis | 1 Mantis | 2025-04-03 | 7.2 HIGH | N/A |
Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors. | |||||
CVE-2005-1041 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | |||||
CVE-1999-0810 | 1 Samba | 1 Samba | 2025-04-03 | 10.0 HIGH | N/A |
Denial of service in Samba NETBIOS name service daemon (nmbd). | |||||
CVE-2000-0921 | 1 Hassan Consulting | 1 Shopping Cart | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. | |||||
CVE-2005-2990 | 1 Linecontrol | 1 Java Client | 2025-04-03 | 2.1 LOW | N/A |
AuthInfo.java in LineControl Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files. | |||||
CVE-2006-0774 | 1 Lawrence Osiris | 1 Db Esession | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in deleteSession() in DB_eSession library 1.0.2 and earlier, as used in multiple products, allows remote attackers to execute arbitrary SQL commands via the $_sess_id_set variable, which is usually derived from PHPSESSID. | |||||
CVE-2000-0842 | 1 Sco | 1 Unixware | 2025-04-03 | 5.0 MEDIUM | N/A |
The search97cgi/vtopic in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2005-1832 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php. | |||||
CVE-2005-0656 | 1 Arif Supriyanto | 1 Auracms | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php. |