Total
29562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1201 | 1 Timecop | 1 Wmcube Gdk | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file. | |||||
| CVE-2006-1544 | 1 Vscripts | 1 Vnews | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters. | |||||
| CVE-2003-0900 | 1 Larry Wall | 1 Perl | 2025-04-03 | 5.0 MEDIUM | N/A |
| Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers. | |||||
| CVE-2000-1111 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | |||||
| CVE-2000-1199 | 1 Postgresql | 1 Postgresql | 2025-04-03 | 4.6 MEDIUM | N/A |
| PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases. | |||||
| CVE-2005-4377 | 1 Nma | 1 Baseline Cms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) PageID and (2) SiteNodeID parameters. | |||||
| CVE-2006-4503 | 1 Nx5 | 1 Nx5linx | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in link.php in NX5Linx 1.0 allows remote attackers to read arbitrary files via the logo parameter. | |||||
| CVE-2006-3357 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values, possibly related to improper escaping and long strings. | |||||
| CVE-2002-1027 | 1 Macromedia | 1 Sitespring | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter. | |||||
| CVE-2005-3271 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specified by the quota for a single user. | |||||
| CVE-2005-1546 | 1 Ht Editor | 1 Ht Editor | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in the PE parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted PE file. | |||||
| CVE-1999-0530 | 2025-04-03 | 10.0 HIGH | N/A | ||
| A system is operating in "promiscuous" mode which allows it to perform packet sniffing. | |||||
| CVE-2005-4550 | 1 Oracle | 1 Application Server Discussion Forum Portlet | 2025-04-03 | 5.0 MEDIUM | N/A |
| The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00). | |||||
| CVE-2003-0435 | 1 Typespeed | 1 Typespeed | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2006-0738 | 1 Estara | 1 Softphone | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service (hang) via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using (1) the field name, (2) the o field (owner/creator and session identifier), or (3) the m field (media name and transport address). | |||||
| CVE-2005-1577 | 1 Apg Technology | 1 Classmaster | 2025-04-03 | 7.5 HIGH | N/A |
| APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share. | |||||
| CVE-2002-1763 | 1 Sun | 1 Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session. | |||||
| CVE-2004-2389 | 1 Jabberstudio | 1 Jabber Gadu-gadu Transport | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration. | |||||
| CVE-2005-3150 | 1 Weex | 1 Weex | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format strings in filenames. | |||||
| CVE-2006-4061 | 1 Thomas Pequet | 1 Phpprintanalyzer | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Thomas Pequet phpPrintAnalyzer 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep_par_rapport_racine parameter. NOTE: this issue has been disputed by third party researchers, stating that the rep_par_rapport_racine variable is initialized before use | |||||