Total: 29573 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0813 | 1 Infodrom | 1 Cfingerd | 2025-04-03 | 7.2 HIGH | N/A |
Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges. | |||||
CVE-2000-1063 | 1 Hp | 1 Jetdirect | 2025-04-03 | 5.0 MEDIUM | N/A |
Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||||
CVE-2004-0374 | 1 Interchange Development Group | 1 Interchange | 2025-04-03 | 6.4 MEDIUM | N/A |
Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string. | |||||
CVE-2006-4473 | 1 Joomla | 1 Joomla | 2025-04-03 | 5.1 MEDIUM | N/A |
Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set, allows attackers to perform the emailform and emailsend tasks. | |||||
CVE-2001-0890 | 1 Sane | 1 Sane | 2025-04-03 | 2.1 LOW | N/A |
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allow local users to modify files via a symlink attack on temporary files. | |||||
CVE-2002-1364 | 1 Ehud Gavron | 1 Tracesroute | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses. | |||||
CVE-2005-1457 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash). | |||||
CVE-2002-1353 | 1 Intranet-server | 1 Localweb2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst. | |||||
CVE-2005-3115 | 1 Mpeg-tools | 1 Mpeg-tools | 2025-04-03 | 2.1 LOW | N/A |
mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to overwrite arbitrary files via (1) ts.stat, (2) ts.mpg, (3) foobar, (4) blockbar, or (5) foobar[NNN]. | |||||
CVE-2005-3985 | 1 Astaro | 1 Security Linux | 2025-04-03 | 7.8 HIGH | N/A |
The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
CVE-2001-0360 | 1 Ikonboard.com | 1 Ikonboard | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter. | |||||
CVE-2005-4390 | 1 Contentserv | 1 Contentserv | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in ContentServ 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the StoryID parameter. | |||||
CVE-2004-0679 | 1 Unreal | 1 Unrealircd | 2025-04-03 | 5.0 MEDIUM | N/A |
The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashing scheme to hide IP addresses, which could allow remote attackers to use brute force methods to gain other users' IP addresses. | |||||
CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 3.7 LOW | N/A |
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. | |||||
CVE-1999-0232 | 1 Ncsa Httpd Project | 1 Ncsa Httpd | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. | |||||
CVE-2005-4769 | 1 Belchior Foundry | 1 Vcard Pro | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in addrbook.php in Belchior Foundry vCard PRO 3.1 allows remote attackers to execute arbitrary SQL commands via the addr_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2005-4571 | 1 Myezshop | 1 Myezshop Shopping Cart | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2006-0733 | 1 Wordpress | 1 Wordpress | 2025-04-03 | 2.6 LOW | N/A |
Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only exploitable by the same user who injects the XSS, so this might not be a vulnerability. | |||||
CVE-2005-3472 | 1 Sun | 1 Java System Communications Express | 2025-04-03 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. | |||||
CVE-2003-0390 | 1 James Theiler | 1 Opt | 2025-04-03 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi. |