Total: 29562 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2130 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 7.5 HIGH | N/A |
publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2005-3639 | 1 Ubertec | 1 Help Center Live | 2025-04-03 | 7.5 HIGH | N/A |
PHP file inclusion vulnerability in the osTicket module in Help Center Live before 2.0.3 allows remote attackers to access or include arbitrary files via the file parameter, possibly due to a directory traversal vulnerability. | |||||
CVE-2004-1972 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to execute arbitrary SQL code via the (1) clipid or (2) catid parameters in a viewclip, viewcat, or voteclip action. | |||||
CVE-2002-2408 | 1 Gordano | 1 Ntmail | 2025-04-03 | 7.5 HIGH | N/A |
Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server. | |||||
CVE-2000-0851 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 4.6 MEDIUM | N/A |
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability. | |||||
CVE-2001-0020 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2025-04-03 | 2.1 LOW | N/A |
Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2001-1028 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges. | |||||
CVE-2000-0641 | 1 Michael Lamont | 1 Savant Webserver | 2025-04-03 | 7.5 HIGH | N/A |
Savant web server allows remote attackers to execute arbitrary commands via a long GET request. | |||||
CVE-2006-2017 | 1 Dnsmasq | 1 Dnsmasq | 2025-04-03 | 5.0 MEDIUM | N/A |
Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request. | |||||
CVE-2005-3402 | 1 Mozilla | 1 Thunderbird | 2025-04-03 | 2.6 LOW | N/A |
The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly other versions, does not notify users when it cannot establish a secure channel with the server, which allows remote attackers to obtain authentication information without detection via a man-in-the-middle (MITM) attack that bypasses TLS authentication or downgrades CRAM-MD5 authentication to plain authentication. | |||||
CVE-2006-0304 | 1 Achal Dhir | 1 Dual Dhcp Dns Server | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the DHCP options field. | |||||
CVE-2006-0111 | 1 Boxcar Media | 1 Shopping Cart | 2025-04-03 | 5.0 MEDIUM | N/A |
Cross-site scripting vulnerability in index.php in Boxcar Media Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the (1) parent or (2) pg parameter. | |||||
CVE-2005-0627 | 1 Trolltech | 1 Qt | 2025-04-03 | 4.6 MEDIUM | N/A |
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. | |||||
CVE-2006-0452 | 1 Redhat | 1 Fedora Core | 2025-04-03 | 5.0 MEDIUM | N/A |
dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite. | |||||
CVE-1999-1010 | 1 Openbsd | 1 Openssh | 2025-04-03 | 2.1 LOW | N/A |
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. | |||||
CVE-2006-0564 | 1 Microsoft | 2 Html Help, Html Help Workshop | 2025-04-03 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field. | |||||
CVE-1999-1520 | 1 Microsoft | 1 Site Server | 2025-04-03 | 5.0 MEDIUM | N/A |
A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information. | |||||
CVE-2002-0243 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. | |||||
CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2025-04-03 | 5.0 MEDIUM | N/A |
Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | |||||
CVE-2001-0738 | 2 Debian, Immunix | 2 Debian Linux, Immunix | 2025-04-03 | 5.0 MEDIUM | N/A |
LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. |