Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0855 | 1 Charles Kerr | 1 Pan | 2025-04-03 | 7.8 HIGH | N/A |
| Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address. | |||||
| CVE-2006-4745 | 1 Scarybear | 1 Pocketexpense Pro | 2025-04-03 | 3.6 LOW | N/A |
| ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header. | |||||
| CVE-2001-1565 | 1 Apple | 1 Mac Os X | 2025-04-03 | 2.1 LOW | N/A |
| Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command. | |||||
| CVE-2005-4555 | 1 Dev | 1 Dev Web Management System | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in add.php in DEV web management system 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ENTER_ARTICLE_TITLE, (2) SPECIFY_ZONE, (3) ENTER_ARTICLE_HEADER, and (4) ENTER_ARTICLE_BODY indices in the language array parameter. | |||||
| CVE-2005-0872 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in the Topic Calendar 1.0.1 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the start parameter. | |||||
| CVE-2006-2279 | 1 Arabless | 1 Saphplesson | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php. | |||||
| CVE-2005-2693 | 1 Cvs | 1 Cvs | 2025-04-03 | 4.6 MEDIUM | N/A |
| cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack. | |||||
| CVE-2005-1109 | 1 Junkbuster | 1 Internet Junkbuster | 2025-04-03 | 7.5 HIGH | N/A |
| The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via heap corruption. | |||||
| CVE-2005-1942 | 1 Cisco | 1 Catalyst | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages. | |||||
| CVE-2006-1594 | 1 Claroline | 1 Claroline | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in document/rqmkhtml.php in Claroline 1.7.4 and earlier allow remote attackers to use ".." (dot dot) sequences to (1) read arbitrary files via the file parameter in a rqEditHtml command to document/rqmkhtml.php or (2) execute arbitrary code via the includePath parameter to learnPath/include/scormExport.inc.php. | |||||
| CVE-2005-3101 | 1 Six Apart | 1 Movable Type | 2025-04-03 | 5.0 MEDIUM | N/A |
| The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames. | |||||
| CVE-2005-1915 | 1 Log4sh | 1 Log4sh | 2025-04-03 | 2.1 LOW | N/A |
| The log4sh_readProperties function in log4sh 1.2.5 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable log4sh.$$ filenames. | |||||
| CVE-1999-1305 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
| CVE-1999-1100 | 1 Cisco | 1 Pix Private Link | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | |||||
| CVE-2002-0955 | 1 Yabb | 1 Yabb | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message. | |||||
| CVE-2000-0355 | 3 Bent Bagger, Redhat, Suse | 3 Pbpg, Linux, Suse Linux | 2025-04-03 | 7.5 HIGH | N/A |
| pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files. | |||||
| CVE-2005-1450 | 1 S9y | 1 Serendipity | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact. | |||||
| CVE-1999-0992 | 1 Hp | 1 Vvos | 2025-04-03 | 10.0 HIGH | N/A |
| HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). | |||||
| CVE-2006-0925 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 5.0 MEDIUM | N/A |
| Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote attackers to cause a denial of service (CPU consumption) by creating and then listing folders whose names contain format string specifiers. | |||||
| CVE-2005-0272 | 1 Photopost | 1 Reviewpost Php Pro | 2025-04-03 | 7.5 HIGH | N/A |
| ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions. | |||||