Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3339 | 1 Mantis | 1 Mantis | 2025-04-03 | 7.2 HIGH | N/A |
| Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors. | |||||
| CVE-2005-1041 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | |||||
| CVE-1999-0810 | 1 Samba | 1 Samba | 2025-04-03 | 10.0 HIGH | N/A |
| Denial of service in Samba NETBIOS name service daemon (nmbd). | |||||
| CVE-2000-0921 | 1 Hassan Consulting | 1 Shopping Cart | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. | |||||
| CVE-2005-2990 | 1 Linecontrol | 1 Java Client | 2025-04-03 | 2.1 LOW | N/A |
| AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files. | |||||
| CVE-2006-0774 | 1 Lawrence Osiris | 1 Db Esession | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in deleteSession() in DB_eSession library 1.0.2 and earlier, as used in multiple products, allows remote attackers to execute arbitrary SQL commands via the $_sess_id_set variable, which is usually derived from PHPSESSID. | |||||
| CVE-2000-0842 | 1 Sco | 1 Unixware | 2025-04-03 | 5.0 MEDIUM | N/A |
| The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2005-1832 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php. | |||||
| CVE-2005-0656 | 1 Arif Supriyanto | 1 Auracms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php. | |||||
| CVE-2006-1745 | 1 Bitweaver | 1 Bitweaver | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-0530 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument. | |||||
| CVE-2002-0396 | 1 Red-m | 1 1050ap Lan Acess Point | 2025-04-03 | 7.5 HIGH | N/A |
| The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session. | |||||
| CVE-2005-4266 | 1 Alt-n | 2 Mdaemon, Worldclient | 2025-04-03 | 7.5 HIGH | N/A |
| WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value. | |||||
| CVE-2002-1628 | 1 Mike Spice | 1 Mikes Vote Cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the type parameter. | |||||
| CVE-2006-3234 | 1 Looknet | 1 Fineshop | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) produkt, (2) id_produc, and (3) id_kat parameters. | |||||
| CVE-2005-2295 | 1 Pyrosoft Inc | 1 Netpanzer | 2025-04-03 | 5.0 MEDIUM | N/A |
| NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (infinite loop) via a packet with a zero datablock size. | |||||
| CVE-2006-2479 | 1 Bitrix | 1 Bitrix Site Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site. | |||||
| CVE-2002-1306 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL. | |||||
| CVE-2002-2243 | 1 Akfingerd | 1 Akfingerd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Akfingerd 0.5 and possibly earlier versions only allows one connection at a time and does not time out connections, which allows remote attackers to cause a denial of service (refused connections) by opening a connection and not closing it. | |||||
| CVE-2000-0942 | 1 Microsoft | 1 Indexing Service | 2025-04-03 | 5.1 MEDIUM | N/A |
| The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability. | |||||