Total
29800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2379 | 1 Calacode | 1 At Mail Webmail System | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in @Mail 3.64 for Windows allow remote attackers to inject arbitrary web script or HTML via (1) the Displayed Name attribute in util.pl and (2) the Folder attribute in showmail.pl. | |||||
| CVE-2003-0607 | 1 Stanley T. Shebs | 1 Xconq | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables. | |||||
| CVE-2006-0923 | 1 Myphpnuke | 1 Myphpnuke | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyPHPNuke (MPN) 1.88 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the letter parameter in reviews.php and (2) the dcategory parameter in download.php. | |||||
| CVE-2006-2821 | 1 Deltascripts | 1 Pro Publish | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DeltaScripts Pro Publish allow remote attackers to inject arbitrary web script or HTML via the (1) artid parameter in art.php and the (2) catname parameter in cat.php. | |||||
| CVE-1999-0257 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
| Nestea variation of teardrop IP fragmentation denial of service. | |||||
| CVE-2002-0312 | 1 Essen | 1 Essentia Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2001-1573 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter. | |||||
| CVE-2004-1160 | 1 Netscape | 1 Navigator | 2025-04-03 | 7.5 HIGH | N/A |
| Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | |||||
| CVE-2000-1025 | 1 Unify | 1 Ewave Servletexec | 2025-04-03 | 5.0 MEDIUM | N/A |
| eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running. | |||||
| CVE-2002-1661 | 1 Leafnode | 1 Leafnode | 2025-04-03 | 5.0 MEDIUM | N/A |
| The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group. | |||||
| CVE-2005-2314 | 1 Phpsftpd | 1 Phpsftpd | 2025-04-03 | 7.5 HIGH | N/A |
| inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to obtain the administrator's username and password by setting the do_login parameter and performing an edit action using user.php, which causes the login check to be bypassed and leaks the password in the response. | |||||
| CVE-1999-0476 | 1 Sco | 1 Openserver | 2025-04-03 | 7.2 HIGH | N/A |
| A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user. | |||||
| CVE-2006-4135 | 1 Vincent Hor | 1 Calendarix | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in cal_config.inc.php in Calendarix 0.7.20060401 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the calpath parameter. NOTE: this issue has been disputed by a third party, who says that the affected $calpath variable is set to a constant value in the beginning of the script. CVE concurs that the initial report is invalid | |||||
| CVE-2004-1173 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model (DOM) methods in the DHTML Dynamic HTML (DHTML) Editing Component (DEC) and Javascript that calls showModalDialog. | |||||
| CVE-2005-1665 | 1 Microsoft | 1 Asp.net | 2025-04-03 | 5.0 MEDIUM | N/A |
| The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup. | |||||
| CVE-2005-1002 | 1 Logics Software | 1 Log-ft | 2025-04-03 | 5.0 MEDIUM | N/A |
| logwebftbs2000.exe in Logics Software File Transfer (LOG-FT) allows remote attackers to read arbitrary files via modified (1) VAR_FT_LANG and (2) VAR_FT_TMPL parameters. | |||||
| CVE-2005-3054 | 1 Php | 1 Php | 2025-04-03 | 2.1 LOW | N/A |
| fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory. | |||||
| CVE-2003-1144 | 1 Perception | 1 Liteserve | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name. | |||||
| CVE-1999-0123 | 1 Slackware | 1 Slackware Linux | 2025-04-03 | 3.7 LOW | N/A |
| Race condition in Linux mailx command allows local users to read user files. | |||||
| CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | |||||