Total
29776 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0198 | 2025-04-03 | 10.0 HIGH | N/A | ||
| finger .@host on some systems may print information on some user accounts. | |||||
| CVE-2004-2574 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction. | |||||
| CVE-2005-2634 | 1 Winftp Server | 1 Winftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Log-SCR function in the "Log to Screen" feature in WinFtp Server 1.6.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long request. | |||||
| CVE-2001-1290 | 1 Active Web Suite Technologies | 1 Active Classifieds | 2025-04-03 | 5.0 MEDIUM | N/A |
| admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the table_width parameter. | |||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | |||||
| CVE-2005-4401 | 1 Lutece | 1 Lutece | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Lutece 1.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the query parameter. | |||||
| CVE-2006-3591 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the URL property of a TriEditDocument.TriEditDocument object before it has been initialized, which triggers a NULL pointer dereference. | |||||
| CVE-2001-1355 | 1 Netwin | 2 Dmail, Surgeftp | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | |||||
| CVE-2004-0750 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | |||||
| CVE-2004-2276 | 1 F-secure | 1 F-secure Anti-virus | 2025-04-03 | 2.1 LOW | N/A |
| F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection. | |||||
| CVE-2004-1488 | 1 Gnu | 1 Wget | 2025-04-03 | 5.0 MEDIUM | N/A |
| wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. | |||||
| CVE-2005-0212 | 1 Amp | 1 Amp Ii 3d Game Engine | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero byte UDP packet. | |||||
| CVE-2005-3672 | 1 Stonesoft | 1 Stonegate Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Stonesoft StoneGate Firewall before 2.6.1 allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Stonesoft advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2005-4757 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 7.5 HIGH | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" (slash) servlet root URL pattern, which might allow remote attackers to bypass intended servlet protections. | |||||
| CVE-2005-4549 | 1 Oracle | 1 Application Server Discussion Forum Portlet | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to inject arbitrary web script or HTML via the (1) RowKeyValue parameter in the PORTAL schema; and the (2) title and (3) content input fields when creating an forum article. | |||||
| CVE-2005-4293 | 1 Kryptronic | 1 Clickcartpro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter. | |||||
| CVE-1999-0474 | 1 Mirabilis | 1 Icq | 2025-04-03 | 5.0 MEDIUM | N/A |
| The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. | |||||
| CVE-2002-0498 | 1 Etnus | 1 Totalview | 2025-04-03 | 4.6 MEDIUM | N/A |
| Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users. | |||||
| CVE-2002-0010 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 7.5 HIGH | N/A |
| Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean chart" query in buglist.cgi, (3) the mybugslink parameter in userprefs.cgi, (4) a malformed bug ID in the buglist parameter in long_list.cgi, and (5) the value parameter in editusers.cgi, which allows groupset privileges to be modified by attackers with blessgroupset privileges. | |||||
| CVE-2001-0220 | 2 Ja-elvis, Ko-helvis | 2 Ja-elvis, Ko-helvis | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges. | |||||