Total: 29562 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0037 | 1 Great Circle Associates | 1 Majordomo | 2025-04-03 | 4.6 MEDIUM | N/A |
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. | |||||
CVE-2005-4480 | 1 Plexcor | 1 Plexcor Cms | 2025-04-03 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | |||||
CVE-2003-1153 | 1 Bytehoard | 1 Bytehoard | 2025-04-03 | 5.0 MEDIUM | N/A |
byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files and directories via a direct request to files.inc.php. | |||||
CVE-2005-4271 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code. | |||||
CVE-2006-4650 | 1 Cisco | 1 Ios | 2025-04-03 | 2.6 LOW | N/A |
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs. | |||||
CVE-2000-0597 | 1 Microsoft | 2 Excel, Powerpoint | 2025-04-03 | 7.5 HIGH | N/A |
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability. | |||||
CVE-2006-1852 | 1 Scriptsfrenzy | 1 Article Publisher Pro | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cname parameter. | |||||
CVE-2004-1614 | 1 Mozilla | 1 Mozilla | 2025-04-03 | 5.0 MEDIUM | N/A |
Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme. | |||||
CVE-2001-1518 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 2.1 LOW | N/A |
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability. | |||||
CVE-2005-4153 | 1 Gnu | 1 Mailman | 2025-04-03 | 7.8 HIGH | N/A |
Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573. | |||||
CVE-2004-1342 | 1 Cvs | 1 Cvs | 2025-04-03 | 7.5 HIGH | N/A |
CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method. | |||||
CVE-2003-0155 | 1 Mozilla | 1 Bonsai | 2025-04-03 | 5.0 MEDIUM | N/A |
bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication. | |||||
CVE-2006-4570 | 1 Mozilla | 2 Seamonkey, Thunderbird | 2025-04-03 | 2.6 LOW | N/A |
Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message. | |||||
CVE-2002-0526 | 1 Inn | 1 Inn | 2025-04-03 | 7.2 HIGH | N/A |
Vulnerability in (1) inews or (2) rnews for INN 2.2.3 and earlier, related to insecure open() calls. | |||||
CVE-2006-4859 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | 7.5 HIGH | N/A |
Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1.0.4.2L and earlier allows remote attackers to upload PHP code to the images/contact folder via a filename with a double extension in the contact_attach parameter in a contact option in index.php, which bypasses an insufficiently restrictive regular expression. | |||||
CVE-2006-2846 | 1 Visiongate | 1 Visiongate Portal System | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Print.PHP in VisionGate Portal System allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-1999-0939 | 1 Debian | 1 Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
Denial of service in Debian IRC Epic/epic4 client via a long string. | |||||
CVE-2005-0294 | 1 Minis | 1 Minis | 2025-04-03 | 5.0 MEDIUM | N/A |
minis.php in Minis 0.2.1 allows remote attackers to cause a denial of service (infinite loop) via an HTTP request for a file that the web server does not have permission to read, as demonstrated using the month parameter. | |||||
CVE-2005-0782 | 1 Php Arena | 1 Pafiledb | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) category.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the start parameter to pafiledb.php. | |||||
CVE-2006-4442 | 1 Clemens Wacha | 1 Php Iaddressbook | 2025-04-03 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.95 allows remote attackers to inject arbitrary web script or HTML via the cat_name parameter, related to adding a category. (categories field). NOTE: some details are obtained from third party information. |