Total
29805 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2003 | 1 Delegate | 1 Delegate | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field. | |||||
| CVE-2002-0346 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi. | |||||
| CVE-2002-2149 | 1 Lucent | 3 Access Point Service Router 1500, Access Point Service Router 300, Access Point Service Router 600 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface. | |||||
| CVE-2002-0298 | 1 Nombas | 1 Scriptease Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character. | |||||
| CVE-2004-0281 | 1 Caucho | 1 Resin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows. | |||||
| CVE-2006-4454 | 1 Hlstats | 1 Hlstats | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.34 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2002-1334 | 1 Bizdesign | 1 Imagefolio | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi. | |||||
| CVE-2004-1101 | 1 Tips | 1 Mailpost | 2025-04-03 | 5.8 MEDIUM | N/A |
| mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash), leak sensitive pathname information in the resulting error message, and execute a cross-site scripting (XSS) attack via an HTTP request that contains a / (backslash) and arbitrary webscript before the requested file, which leaks the pathname and does not quote the script in the resulting Visual Basic error message. | |||||
| CVE-2000-0574 | 2 Openbsd, Washington University | 2 Ftpd, Wu-ftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-1999-1521 | 1 Computalynx | 1 Cmail | 2025-04-03 | 10.0 HIGH | N/A |
| Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server. | |||||
| CVE-2005-3369 | 1 Woltlab | 1 Burning Board | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board 2.7 and earlier allow remote attackers to execute arbitrary SQL commands and possibly upload files via the (1) fileid and (2) subkatid parameters. | |||||
| CVE-2005-1341 | 1 Apple | 3 Mac Os X, Mac Os X Server, Terminal | 2025-04-03 | 5.1 MEDIUM | N/A |
| Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. | |||||
| CVE-2005-4590 | 1 Spb | 1 Kiosk Engine | 2025-04-03 | 4.6 MEDIUM | N/A |
| Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on allowed applications via (1) removable media containing a program that will execute because of the autorun setting and (2) applications that are able to invoke other applications, as demonstrated by a file: URL specifying a .exe file. | |||||
| CVE-2000-0969 | 1 Valve Software | 1 Half-life Dedicated Server | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon. | |||||
| CVE-2000-0906 | 1 Moreover.com | 1 Cached Feed.cgi Script | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters. | |||||
| CVE-2000-0798 | 1 Sgi | 1 Irix | 2025-04-03 | 10.0 HIGH | N/A |
| The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files. | |||||
| CVE-2006-3110 | 1 Chipmailer | 1 Chipmailer | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in main.php in Chipmailer 1.09 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) betreff, (3) mail, and (4) text parameters. | |||||
| CVE-2002-2025 | 1 Ibm | 1 Lotus Domino Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name. | |||||
| CVE-2005-0911 | 1 E-xoops | 1 E-xoops | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php. | |||||
| CVE-2000-0488 | 1 Ithouse | 1 Ithouse Mail Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ITHouse mail server 1.04 allows remote attackers to execute arbitrary commands via a long RCPT TO mail command. | |||||