Total
29561 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2444 | 1 Cerulean Studios | 1 Trillian Pro | 2025-04-03 | 2.1 LOW | N/A |
| Trillian Pro 3.1 build 121, when checking Yahoo e-mail, stores the password in plaintext in a world readable file and does not delete the file after login, which allows local users to obtain sensitive information. | |||||
| CVE-2006-2814 | 1 Ishopcart | 1 Ishopcart | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact via a large amount of posted data. | |||||
| CVE-2004-1959 | 1 Protector System | 1 Protector System | 2025-04-03 | 5.0 MEDIUM | N/A |
| blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows remote attackers to gain sensitive information via a string in the portNum parameter, which reveals the full path in an error message. | |||||
| CVE-2002-1195 | 1 Gabriele Bartolini | 1 Ht Check | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page. | |||||
| CVE-2005-1255 | 1 Ipswitch | 3 Imail, Imail Server, Ipswitch Collaboration Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character. | |||||
| CVE-2005-3078 | 1 Punbb | 1 Punbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature. | |||||
| CVE-2006-2038 | 1 Amplecom | 1 Ampleshop | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) RecordID parameter in (a) Customeraddresses_RecordAction.cfm and (b) youraccount.cfm; (2) solus parameter in (c) detail.cfm; and (3) cat parameter in (d) category.cfm. | |||||
| CVE-2006-3492 | 1 Mico | 1 Mico | 2025-04-03 | 5.0 MEDIUM | N/A |
| The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO (Mico Is CORBA) 2.3.12 and earlier allows remote attackers to cause a denial of service (application crash) via a message with an incorrect "object key", which triggers an assert error. | |||||
| CVE-2001-1382 | 1 Openbsd | 1 Openssh | 2025-04-03 | 5.0 MEDIUM | N/A |
| The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used. | |||||
| CVE-2005-0586 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 2.6 LOW | N/A |
| Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header, which could be used to trick users into downloading dangerous content. | |||||
| CVE-2002-1247 | 2 Kde, Lisa | 3 Kde, Klisa, Lisa | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. | |||||
| CVE-2004-1534 | 1 Zonelabs | 1 Zonealarm | 2025-04-03 | 5.0 MEDIUM | N/A |
| ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript. | |||||
| CVE-2001-0716 | 1 Citrix | 1 Metaframe | 2025-04-03 | 5.0 MEDIUM | N/A |
| Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server. | |||||
| CVE-2006-3684 | 1 Softcomplex | 1 Php Event Calendar | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in calendar.php in SoftComplex PHP Event Calendar 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_calendar parameter, which overwrites the $path_to_calendar variable from an extract function call. | |||||
| CVE-2001-0943 | 1 Oracle | 1 Database Server | 2025-04-03 | 7.2 HIGH | N/A |
| dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs. | |||||
| CVE-2004-0459 | 1 Ieee | 1 802.11 Wireless Protocol | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wireless protocol, when using DSSS transmission encoding, allows remote attackers to cause a denial of service via a certain RF signal that causes a channel to appear busy (aka "jabber"), which prevents devices from transmitting data. | |||||
| CVE-1999-1208 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument. | |||||
| CVE-2002-1606 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm. | |||||
| CVE-2003-0697 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges. | |||||
| CVE-2003-1089 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. | |||||