Total
29514 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2025-04-03 | 7.5 HIGH | N/A |
| Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | |||||
| CVE-2006-3559 | 1 Arif Supriyanto | 1 Auracms | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote attackers to execute arbitrary SQL commands and delete all shoutbox messages via the (1) name and (2) pesan parameters. | |||||
| CVE-2003-0602 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs. | |||||
| CVE-2006-0546 | 1 Egeinternet | 1 Egeinternet | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in index.php in a certain application available from /v1/tr/portfoy.php on www.egeinternet.com allows remote attackers to execute arbitrary code via "evilcode" in the key parameter, possibly a PHP remote file include vulnerability in which the attack vector is a URL in the key parameter. NOTE: it is not clear whether this vulnerability is associated with an online service or application service provider. If so, then it should not be included in CVE. | |||||
| CVE-2005-4330 | 1 Ihtml Merchant | 1 Ihtml Merchant Mall | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.ihtml in iHTML Merchant Mall allows remote attackers to execute arbitrary SQL commands via the (1) id, (2) store, and (3) step parameters. | |||||
| CVE-2002-0911 | 1 Caldera | 1 Volution Manager | 2025-04-03 | 7.2 HIGH | N/A |
| Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges. | |||||
| CVE-2006-1537 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | 5.0 MEDIUM | N/A |
| Craig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain sensitive information via a direct request to (1) includes/index.php, (2) tests/add_duration_test.php, (3) tests/all_tests.php, (4) groups.php, (5) nonusers.php, (6) includes/settings.php, (7) includes/init.php, (8) includes/settings.php.orig, (9) includes/js/admin.php, (10) includes/js/edit_entry.php, (11) includes/js/edit_layer.php, (12) includes/js/export_import.php, (13) includes/js/popups.php, (14) includes/js/pref.php, or (15) includes/menu/index.php, which reveal the path in various error messages. | |||||
| CVE-2003-1072 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption). | |||||
| CVE-2004-1026 | 3 Enlightenment, Gentoo, Redhat | 3 Imlib, Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. | |||||
| CVE-2002-0972 | 1 Postgresql | 1 Postgresql | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad. | |||||
| CVE-2001-0391 | 1 Imatix | 1 Xitami | 2025-04-03 | 5.0 MEDIUM | N/A |
| Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory. | |||||
| CVE-2005-0342 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 2.1 LOW | N/A |
| The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. | |||||
| CVE-2001-0508 | 1 Microsoft | 1 Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service (restart) via a long, invalid WebDAV request. | |||||
| CVE-2005-2157 | 1 Nabocorp | 1 Nabopoll | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter. | |||||
| CVE-1999-0550 | 2025-04-03 | 7.5 HIGH | N/A | ||
| A router's routing tables can be obtained from arbitrary hosts. | |||||
| CVE-2005-2403 | 1 Realchat | 1 Realchat | 2025-04-03 | 5.0 MEDIUM | N/A |
| The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username. | |||||
| CVE-2006-4883 | 1 Idevspot | 1 Bizdirectory | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php. | |||||
| CVE-2002-0417 | 1 Endymion | 1 Mailman Webmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs. | |||||
| CVE-1999-1439 | 1 Gcc | 1 Gcc | 2025-04-03 | 2.1 LOW | N/A |
| gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files. | |||||
| CVE-2000-0169 | 1 Oracle | 1 Application Server | 2025-04-03 | 7.5 HIGH | N/A |
| Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'. | |||||