Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1010 | 1 Openbsd | 1 Openssh | 2025-04-03 | 2.1 LOW | N/A |
| An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. | |||||
| CVE-2006-0564 | 1 Microsoft | 2 Html Help, Html Help Workshop | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field. | |||||
| CVE-1999-1520 | 1 Microsoft | 1 Site Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information. | |||||
| CVE-2002-0243 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. | |||||
| CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2025-04-03 | 5.0 MEDIUM | N/A |
| Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | |||||
| CVE-2001-0738 | 2 Debian, Immunix | 2 Debian Linux, Immunix | 2025-04-03 | 5.0 MEDIUM | N/A |
| LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. | |||||
| CVE-2002-0900 | 1 Mit | 1 Pgp Public Key Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability. | |||||
| CVE-2005-0022 | 1 University Of Cambridge | 1 Exim | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication. | |||||
| CVE-2006-1766 | 1 Papoo | 1 Papoo | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) getlang and (2) reporeid parameter in (a) index.php, (3) menuid parameter in (b) plugin.php and (c) forumthread.php, and (4) msgid parameter in forumthread.php. | |||||
| CVE-2005-1960 | 1 C.j. Steele | 1 Tattle | 2025-04-03 | 7.5 HIGH | N/A |
| The getemails function in C.J. Steele Tattle allows remote attackers to execute arbitrary commands via shell metacharacters in certain log entries, as demonstrated using shell metacharacters in an FTP username. | |||||
| CVE-1999-1301 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.5 HIGH | N/A |
| A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs. | |||||
| CVE-1999-1273 | 1 National Science Foundation | 1 Squid Web Proxy | 2025-04-03 | 7.5 HIGH | N/A |
| Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences. | |||||
| CVE-1999-0832 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. | |||||
| CVE-2006-0227 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.6 LOW | N/A |
| Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors. | |||||
| CVE-2002-0215 | 1 Steve Kneizys | 1 Agora.cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message. | |||||
| CVE-2004-0385 | 1 Oracle | 2 Application Server Web Cache, E-business Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities." | |||||
| CVE-2005-0545 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2025-04-03 | 7.2 HIGH | N/A |
| Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. NOTE: this issue has been disputed in a followup post. | |||||
| CVE-2002-0337 | 1 Realnetworks | 1 Realplayer | 2025-04-03 | 5.4 MEDIUM | N/A |
| RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files. | |||||
| CVE-2002-0882 | 1 Cisco | 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 | 2025-04-03 | 6.4 MEDIUM | N/A |
| The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script. | |||||
| CVE-2002-1254 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." | |||||