Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0564 | 2025-04-03 | 10.0 HIGH | N/A | ||
| An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled. | |||||
| CVE-2004-1418 | 1 Wirtualna Polska | 1 Wpkontakt | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an e-mail address, which is not quoted when a parsing error is generated. | |||||
| CVE-1999-0311 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| fpkg2swpk in HP-UX allows local users to gain root access. | |||||
| CVE-2005-3702 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name. | |||||
| CVE-2004-1774 | 1 Oracle | 2 Application Server, Oracle10g | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter. | |||||
| CVE-2000-1001 | 1 Element N.v | 1 Element Instantshop | 2025-04-03 | 7.5 HIGH | N/A |
| add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable. | |||||
| CVE-2005-4023 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the zipcart module in Gallery 2.0 before 2.0.2 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2005-3020 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vBulletin before 3.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to css.php, (2) redirect parameter to index.php, (3) email parameter to user.php, (4) goto parameter to language.php, (5) orderby parameter to modlog.php, and the (6) hex, (7) rgb, or (8) expandset parameter to template.php. | |||||
| CVE-1999-1586 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. | |||||
| CVE-2005-0931 | 1 Jimmy | 1 The Includer | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 allows remote attackers to execute arbitrary PHP code. | |||||
| CVE-2003-0430 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value. | |||||
| CVE-2002-1923 | 1 Oracle | 1 Mysql | 2025-04-03 | 7.5 HIGH | N/A |
| The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection. | |||||
| CVE-2006-1564 | 1 Debian | 1 Debian Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory. | |||||
| CVE-1999-0201 | 1 Ftp | 1 Ftp | 2025-04-03 | 6.4 MEDIUM | N/A |
| A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. | |||||
| CVE-2004-2222 | 1 Fsphpgallery | 1 Fsphpgallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. | |||||
| CVE-2004-2561 | 1 Internet Sofware Sciences | 1 Web\+center | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Internet Software Sciences Web+Center 4.0.1 allow remote attackers to execute arbitrary SQL commands via (1) the ISS_TECH_CENTER_LOGIN cookie in search.asp and (2) one or more cookies in DoCustomerOptions.asp. | |||||
| CVE-2000-0766 | 1 Vqsoft | 1 Vqserver | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request. | |||||
| CVE-2004-2444 | 1 Jaws | 1 Jaws | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2005-1254 | 1 Ipswitch | 1 Imail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service (crash) via a SELECT command with a large argument. | |||||
| CVE-2005-3169 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to conduct unauthorized activities without detection. | |||||