Total
29562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0318 | 1 Atrium Software | 1 Mercur Mailserver | 2025-04-03 | 7.5 HIGH | N/A |
| Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack. | |||||
| CVE-2004-1194 | 1 Lucasarts | 1 Star Wars Battlefront | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname. | |||||
| CVE-2005-0963 | 1 Toshiba | 1 Acpi Flash Bios | 2025-04-03 | 2.1 LOW | N/A |
| An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges. | |||||
| CVE-2002-1671 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. | |||||
| CVE-2006-3346 | 1 Carlos Sanchez Valle | 1 Mynewsgroups | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tree.php in MyNewsGroups 0.6 allows remote attackers to execute arbitrary SQL commands via the grp_id parameter. | |||||
| CVE-2006-3289 | 1 Cisco | 1 Wireless Control System | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL". | |||||
| CVE-2006-1200 | 1 Daverave | 1 Link Bank | 2025-04-03 | 7.5 HIGH | N/A |
| Direct static code injection vulnerability in add_link.txt in daverave Link Bank allows remote attackers to execute arbitrary PHP code via the url_name parameter, which is not sanitized before being stored in links.txt, which is later used in an include statement. | |||||
| CVE-2001-1441 | 1 Ibm | 1 Visualage For Java | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message. | |||||
| CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||||
| CVE-2001-1409 | 1 Xfree86 Project | 1 Xfree86 X Server | 2025-04-03 | 3.6 LOW | N/A |
| dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system. | |||||
| CVE-2001-0345 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions. | |||||
| CVE-1999-1318 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| /usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs. | |||||
| CVE-2000-0719 | 1 Varicad | 1 Varicad | 2025-04-03 | 6.2 MEDIUM | N/A |
| VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program. | |||||
| CVE-1999-0681 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2006-3002 | 1 Easy Ad-manager | 1 Easy Ad-manager | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in details.php in Easy Ad-Manager allows remote attackers to inject arbitrary web script or HTML via the mbid parameter, which is reflected in an error message. NOTE: on 20060829, the vendor notified CVE that this issue has been fixed. | |||||
| CVE-1999-0355 | 1 Broadcom | 1 Controlit | 2025-04-03 | 5.0 MEDIUM | N/A |
| Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. | |||||
| CVE-1999-1502 | 1 Id Software | 1 Quake | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. | |||||
| CVE-2005-0899 | 1 Ibm | 1 Os 400 | 2025-04-03 | 2.1 LOW | N/A |
| AS/400 running OS400 5.2 installs and enables LDAP by default, which allows remote authenticated users to obtain OS/400 user profiles by performing a search. | |||||
| CVE-2006-1922 | 1 Sweetphp | 1 Totalcalendar | 2025-04-03 | 6.4 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in (1) about.php or (2) auth.php in TotalCalendar allows remote attackers to execute arbitrary PHP code via a URL in the inc_dir parameter. | |||||
| CVE-2005-3342 | 1 Norman Ramsey | 1 Noweb | 2025-04-03 | 1.2 LOW | N/A |
| noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in (1) lib/toascii.nw and (2) shell/roff.mm. | |||||