Total: 29561 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2062 | 1 Antiboard | 1 Antiboard | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the (1) thread_id, (2) parent_id, or (3) mode parameters. | |||||
CVE-2006-2853 | 1 Abarcar | 1 Abarcar Realty Portal | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in content.php in abarcar Realty Portal 5.1.5 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
CVE-1999-0186 | 1 Sun | 1 Solaris | 2025-04-03 | 10.0 HIGH | N/A |
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. | |||||
CVE-2006-2145 | 1 Harold Bakker | 1 Hb-ns | 2025-04-03 | 6.4 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) topic or (2) id parameter. | |||||
CVE-2006-2522 | 1 Dayfox Designs | 1 Dayfox Blog | 2025-04-03 | 7.5 HIGH | N/A |
Dayfox Blog 2.0 and earlier stores user credentials in edit/slog_users.txt under the web document root with insufficient access control, which allows remote attackers to gain privileges. | |||||
CVE-2003-0133 | 1 Gnome | 1 Gtkhtml | 2025-04-03 | 5.0 MEDIUM | N/A |
GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages. | |||||
CVE-2004-0623 | 1 Gnu | 1 Gnats | 2025-04-03 | 10.0 HIGH | N/A |
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog. | |||||
CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2025-04-03 | 6.4 MEDIUM | N/A |
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | |||||
CVE-2006-3055 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote attackers to execute arbitrary SQL commands via the (1) QuranID, (2) ShowByQuranID, or (3) Action parameters to meaning.php. | |||||
CVE-2006-4200 | 1 Soft3304 | 1 04webserver | 2025-04-03 | 7.5 HIGH | N/A |
Unspecified vulnerability in 04WebServer 1.83 and earlier allows remote attackers to bypass user authentication via unspecified vectors related to request processing. | |||||
CVE-2002-0317 | 1 Gator | 1 Gator | 2025-04-03 | 7.5 HIGH | N/A |
Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter. | |||||
CVE-2005-4133 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files. | |||||
CVE-2004-1833 | 1 Borland Software | 1 Interbase | 2025-04-03 | 7.5 HIGH | N/A |
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | |||||
CVE-2005-2669 | 2 Broadcom, Ca | 28 Advantage Data Transport, Adviseit, Brightstor Portal and 25 more | 2025-04-03 | 10.0 HIGH | N/A |
Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. | |||||
CVE-2001-0922 | 1 Sun | 1 Netdynamics | 2025-04-03 | 7.5 HIGH | N/A |
ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. | |||||
CVE-2006-4893 | 1 Phpbb Xs | 1 Phpbb Xs | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_usage_stats.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780. | |||||
CVE-2002-0233 | 1 Eshare Communications Inc. | 1 Eshare Expressions | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in eshare Expressions 4 Web server allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | |||||
CVE-2003-0433 | 1 Gnocatan-develop | 1 Gnocatan | 2025-04-03 | 7.5 HIGH | N/A |
Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code. | |||||
CVE-1999-0691 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||||
CVE-2001-1260 | 1 Avaya | 1 Argent Office | 2025-04-03 | 10.0 HIGH | N/A |
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the passwords during a system reboot. |