Total
29477 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2222 | 1 Fsphpgallery | 1 Fsphpgallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. | |||||
| CVE-2004-2561 | 1 Internet Sofware Sciences | 1 Web\+center | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Internet Software Sciences Web+Center 4.0.1 allow remote attackers to execute arbitrary SQL commands via (1) the ISS_TECH_CENTER_LOGIN cookie in search.asp and (2) one or more cookies in DoCustomerOptions.asp. | |||||
| CVE-2000-0766 | 1 Vqsoft | 1 Vqserver | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request. | |||||
| CVE-2004-2444 | 1 Jaws | 1 Jaws | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2005-1254 | 1 Ipswitch | 1 Imail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service (crash) via a SELECT command with a large argument. | |||||
| CVE-2005-3169 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to conduct unauthorized activities without detection. | |||||
| CVE-2001-0114 | 1 Omnicron | 1 Omnihttpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite arbitrary files via the cgidir parameter. | |||||
| CVE-1999-0636 | 2025-04-03 | 10.0 HIGH | N/A | ||
| The discard service is running. | |||||
| CVE-2005-1059 | 1 Linksys | 1 Wet11 | 2025-04-03 | 2.1 LOW | N/A |
| Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original password via the data parameter to changepw.html. | |||||
| CVE-2005-3980 | 1 Edgewall Software | 1 Trac | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter. | |||||
| CVE-2006-2474 | 1 Cosmoshop | 1 Cosmoshop | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and earlier allows remote attackers to execute arbitrary SQL commands via the artnum parameter. | |||||
| CVE-2001-0749 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2025-04-03 | 7.5 HIGH | N/A |
| Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root. | |||||
| CVE-2006-0229 | 1 Wehnus | 1 Wehntrust | 2025-04-03 | 2.1 LOW | N/A |
| Unquoted Windows search path vulnerability in Wehntrust might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when Wehntrust creates the autostart key. | |||||
| CVE-2005-2263 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation. | |||||
| CVE-2006-3419 | 1 Tor | 1 Tor | 2025-04-03 | 5.0 MEDIUM | N/A |
| Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks. | |||||
| CVE-2002-1319 | 2 Linux, Trustix | 2 Linux Kernel, Secure Linux | 2025-04-03 | 2.1 LOW | N/A |
| The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. | |||||
| CVE-2005-1714 | 1 Netwin | 1 Surgemail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-3156 | 1 Easyguppy | 1 Easyguppy | 2025-04-03 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cleansed for XSS but not directory traversal. | |||||
| CVE-2001-0790 | 1 Specter | 1 Specter Ids | 2025-04-03 | 5.0 MEDIUM | N/A |
| Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a denial of service (CPU exhaustion) via a port scan, which causes the server to consume CPU while preparing alerts. | |||||
| CVE-2003-0649 | 1 Xpcd | 1 Xpcd | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | |||||