Total
29801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | |||||
| CVE-1999-0533 | 2025-04-03 | 7.5 HIGH | N/A | ||
| A DNS server allows inverse queries. | |||||
| CVE-2006-3844 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2025-04-03 | 6.5 MEDIUM | N/A |
| Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitrary commands via a long argument to the LIST command, a different issue than CVE-2006-2027. | |||||
| CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2025-04-03 | 7.2 HIGH | N/A |
| GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | |||||
| CVE-2006-2975 | 1 Pbl Guestbook | 1 Pbl Guestbook | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. NOTE: portions of this description's details are obtained from third party information. | |||||
| CVE-1999-0396 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2025-04-03 | 2.6 LOW | N/A |
| A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | |||||
| CVE-2003-0417 | 1 Super-m | 1 Son Hserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Son hServer 0.2 allows remote attackers to read arbitrary files via ".|." (modified dot-dot) sequences. | |||||
| CVE-1999-0211 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone. | |||||
| CVE-2005-2248 | 1 Sven-ove Bjerkan | 1 Downloadprotect | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in DownloadProtect before 1.0.3 allows remote attackers to read files above the download folder. | |||||
| CVE-2004-1158 | 3 Kde, Mandrakesoft, Redhat | 3 Konqueror, Mandrake Linux, Fedora Core | 2025-04-03 | 7.5 HIGH | N/A |
| Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | |||||
| CVE-2001-1554 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. | |||||
| CVE-2004-2449 | 1 Gamespy | 2 Roger Wilco Dedicated Server, Roger Wilco Graphical Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram. | |||||
| CVE-2003-0993 | 1 Apache | 1 Http Server | 2025-04-03 | 7.5 HIGH | N/A |
| mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions. | |||||
| CVE-2005-3290 | 1 Accelerated Enterprise Solutions | 1 Accelerated Mortgage Manager | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbitrary SQL commands via the password field. | |||||
| CVE-2000-0042 | 1 Csm | 1 Mail Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command. | |||||
| CVE-2006-0839 | 1 Sourcefire | 1 Snort | 2025-04-03 | 5.0 MEDIUM | N/A |
| The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. | |||||
| CVE-2004-2311 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 3.6 LOW | N/A |
| Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog. | |||||
| CVE-2000-0482 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets. | |||||
| CVE-2004-0293 | 1 Shopcartcgi | 1 Shopcartcgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ShopCartCGI 2.3 allows remote attackers to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi. | |||||
| CVE-2005-4319 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index2.php in Limbo CMS 1.0.4.2 and earlier allows remote attackers to include arbitrary PHP files via ".." sequences in the option parameter. | |||||