Total
29562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1199 | 1 Apache | 1 Http Server | 2025-04-03 | 10.0 HIGH | N/A |
| Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability. | |||||
| CVE-2005-0565 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | 7.5 HIGH | N/A |
| The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PHP code by setting the Image field to reference a PHP file whose name contains a .gif.php extension. | |||||
| CVE-2003-1189 | 1 Nokia | 1 Ipso | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors. | |||||
| CVE-2005-2593 | 1 Parlano | 1 Mindalign | 2025-04-03 | 10.0 HIGH | N/A |
| Parlano MindAlign 5.0 and later versions uses weak encryption, with unknown impact and attack vectors. | |||||
| CVE-2006-1948 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 4.0 MEDIUM | N/A |
| The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient. | |||||
| CVE-2006-3507 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames into a wireless network. | |||||
| CVE-2002-1023 | 1 Working Resources Inc. | 1 Badblue | 2025-04-03 | 5.0 MEDIUM | N/A |
| BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. | |||||
| CVE-2005-0452 | 1 Microsoft | 1 Asp.net | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<". | |||||
| CVE-2004-0086 | 1 Apple | 1 Mac Os X | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085. | |||||
| CVE-2006-4910 | 1 Cisco | 2 Ids Sensor Software, Ips Sensor Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. | |||||
| CVE-2005-2257 | 1 Phpslash | 1 Phpslash | 2025-04-03 | 10.0 HIGH | N/A |
| The saveProfile function in PhpSlash 0.8.0 allows remote attackers to modify arbitrary profiles and gain privileges by modifying the author_id parameter. | |||||
| CVE-2004-2108 | 1 Quadcomm | 1 Q-shop | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp. | |||||
| CVE-2006-2499 | 1 Xfairguy | 1 Codeavalanche News | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to execute arbitrary SQL commands via the password field. | |||||
| CVE-1999-0092 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Various vulnerabilities in the AIX portmir command allows local users to obtain root access. | |||||
| CVE-2001-1422 | 1 Att | 1 Winvnc | 2025-04-03 | 7.5 HIGH | N/A |
| WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | |||||
| CVE-2004-0974 | 3 Mandrakesoft, Netatalk, Redhat | 4 Mandrake Linux, Mandrake Linux Corporate Server, Open Source Apple File Share Protocol Suite and 1 more | 2025-04-03 | 2.1 LOW | N/A |
| The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-2005-1829 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a denial of service (infinite loop and application crash) via two embedded files that call each other. | |||||
| CVE-2005-0341 | 1 Apple | 1 Safari | 2025-04-03 | 4.3 MEDIUM | N/A |
| Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks. | |||||
| CVE-2004-0614 | 1 Osticket | 1 Osticket Sts | 2025-04-03 | 6.4 MEDIUM | N/A |
| osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size. | |||||
| CVE-2005-0175 | 1 Squid | 1 Squid | 2025-04-03 | 5.0 MEDIUM | N/A |
| Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack. | |||||