Total
29568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0616 | 1 Bt | 1 Voyager 2000 Wireless Adsl Router | 2025-04-03 | 5.0 MEDIUM | N/A |
| The BT Voyager 2000 Wireless ADSL Router has a default public SNMP community name, which allows remote attackers to obtain sensitive information such as the password, which is stored in plaintext. | |||||
| CVE-2001-0993 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
| sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. | |||||
| CVE-2004-1128 | 1 Youngzsoft | 1 Cmailserver | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename. | |||||
| CVE-2002-0688 | 1 Zope | 1 Zope | 2025-04-03 | 7.5 HIGH | N/A |
| ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes. | |||||
| CVE-2001-0859 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| 2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions. | |||||
| CVE-2001-1366 | 1 Netscript Project | 1 Netscript | 2025-04-03 | 5.0 MEDIUM | N/A |
| netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information. | |||||
| CVE-2004-0684 | 1 Ibm | 2 Websphere Caching Proxy Server, Websphere Edge Server Caching Proxy | 2025-04-03 | 5.0 MEDIUM | N/A |
| WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite directive enabled, allows remote attackers to cause a denial of service via an HTTP GET request without any parameters. | |||||
| CVE-2006-4213 | 1 David Kent Norman | 1 Thatware | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config.php in David Kent Norman Thatware 0.4.6 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | |||||
| CVE-2000-0625 | 1 Netzero | 1 Zeroport | 2025-04-03 | 4.6 MEDIUM | N/A |
| NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password. | |||||
| CVE-2005-4297 | 1 Bbboard | 1 Bbboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in bbBoard 2.56 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly via the "keys" parameter. | |||||
| CVE-1999-1020 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
| The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | |||||
| CVE-2000-0803 | 1 Gnu | 1 Groff | 2025-04-03 | 10.0 HIGH | N/A |
| GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. | |||||
| CVE-2003-1095 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| BEA WebLogic Server and Express 7.0 and 7.0.0.1, when using "memory" session persistence for web applications, does not clear authentication information when a web application is redeployed, which could allow users of that application to gain access without having to re-authenticate. | |||||
| CVE-2000-1167 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.5 HIGH | N/A |
| ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system. | |||||
| CVE-2006-0731 | 1 Sap | 1 Business Connector | 2025-04-03 | 4.0 MEDIUM | N/A |
| WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame. | |||||
| CVE-2000-0945 | 1 Cisco | 1 Catalyst 3500 Xl | 2025-04-03 | 10.0 HIGH | N/A |
| The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. | |||||
| CVE-2005-0598 | 1 Cisco | 10 Application And Content Networking Software, Content Delivery Manager, Content Distribution Manager 4630 and 7 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets. | |||||
| CVE-2005-0786 | 1 Simpgb | 1 Simpgb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gb_new.inc in SimpGB allows remote attackers to execute arbitrary SQL commands via the quote parameter to guestbook.php. | |||||
| CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | |||||
| CVE-2003-0207 | 1 Gs-common | 1 Gs-common | 2025-04-03 | 2.1 LOW | N/A |
| ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files. | |||||