Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0447 | 1 Xerver | 1 Xerver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Xerver Free Web Server 2.10 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in an HTTP GET request. | |||||
| CVE-2003-1108 | 1 Alcatel-lucent | 1 Omnipcx | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||||
| CVE-2005-2311 | 1 Sms | 1 Sms | 2025-04-03 | 2.1 LOW | N/A |
| SMS 1.9.2m and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) request1 or (2) request2 temporary files. | |||||
| CVE-2006-4788 | 1 Telekorn | 1 Signkorn Guestbook | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/log.inc.php in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled and _SESSION[permission] parameter is set to "yes", allows remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter. | |||||
| CVE-2002-0214 | 1 Intel | 1 Intel Pro Wireless 2011b Lan Usb Device Driver | 2025-04-03 | 2.1 LOW | N/A |
| Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key. | |||||
| CVE-2005-0198 | 1 University Of Washington | 1 Uw-imap | 2025-04-03 | 7.5 HIGH | N/A |
| A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticate as arbitrary users. | |||||
| CVE-2004-0115 | 1 Microsoft | 1 Virtual Pc | 2025-04-03 | 4.6 MEDIUM | N/A |
| VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServices_Log temporary file. | |||||
| CVE-2001-0241 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0. | |||||
| CVE-2004-0629 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string. | |||||
| CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2025-04-03 | 7.2 HIGH | 7.8 HIGH |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. | |||||
| CVE-2005-3577 | 1 Walla Telesite | 1 Walla Telesite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter. | |||||
| CVE-2003-0965 | 1 Gnu | 1 Mailman | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. | |||||
| CVE-2005-3443 | 1 Oracle | 1 Database Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Spatial component in Oracle Database Server from 9i up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB17. | |||||
| CVE-1999-0812 | 1 Samba | 1 Samba | 2025-04-03 | 7.6 HIGH | N/A |
| Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | |||||
| CVE-2001-0699 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument. | |||||
| CVE-2001-0569 | 1 Zope | 1 Zope | 2025-04-03 | 2.1 LOW | N/A |
| Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the method return values related to the classes (1) ObjectManager, (2) PropertyManager, and (3) PropertySheet. | |||||
| CVE-2005-4065 | 1 Edgewall Software | 1 Trac | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2002-1320 | 1 University Of Washington | 1 Pine | 2025-04-03 | 5.0 MEDIUM | N/A |
| Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks ("). | |||||
| CVE-2004-1668 | 1 Easyweb | 1 Factory Subjects Module | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQL commands via the (1) pageid, (2) subid, or (3) catid parameters. | |||||
| CVE-2003-1322 | 1 Atrium Software | 1 Mercur Mailserver | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command. | |||||