Total
29834 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0938 | 1 Sap | 1 Sap Db | 2025-04-03 | 7.2 HIGH | N/A |
| vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure. | |||||
| CVE-2006-1234 | 1 Dsportal | 1 Dscounter | 2025-04-03 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header. | |||||
| CVE-2000-1021 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 7.5 HIGH | N/A |
| Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2002-0335 | 1 Galacticomm Technologies | 2 Worldgroup, Worldgroup Lite Personal Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request. | |||||
| CVE-2005-0301 | 1 Comersus Open Technologies | 1 Comersus Backoffice Lite | 2025-04-03 | 7.5 HIGH | N/A |
| comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to bypass authentication and gain privileges via a direct request to the program. | |||||
| CVE-2001-0584 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 2.1 LOW | N/A |
| IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE commands. | |||||
| CVE-2005-0161 | 1 E-merge | 1 Unace | 2025-04-03 | 2.1 LOW | N/A |
| Multiple directory traversal vulnerabilities in unace 1.2b allow attackers to overwrite arbitrary files via an ACE archive containing (1) ../ sequences or (2) absolute pathnames. | |||||
| CVE-2000-1125 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||||
| CVE-2005-3226 | 1 Arcavir | 1 Arcavir Antivirus | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of ArcaVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2001-1292 | 1 Sambar | 1 Sambar Server | 2025-04-03 | 7.5 HIGH | N/A |
| Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password. | |||||
| CVE-2003-1193 | 1 Oracle | 2 Application Server Portal, Oracle9i | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL. | |||||
| CVE-2005-0648 | 1 Pixel-apes Group | 1 Safehtml | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple vulnerabilities in Pixel-Apes SafeHTML before 1.3.0 allow remote attackers to bypass cross-site scripting (XSS) protection via (1) "decimal HTML entities" or (2) "the \x00 symbol." | |||||
| CVE-2005-3043 | 1 Mall23 | 1 Mall23 | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter. | |||||
| CVE-2005-4292 | 1 Internet Express Products | 1 Commercesql | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keywords parameter in the Quick Find feature. | |||||
| CVE-2006-0126 | 1 Rxvt-unicode | 1 Rxvt-unicode | 2025-04-03 | 4.6 MEDIUM | N/A |
| rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices. | |||||
| CVE-2006-4634 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows remote attackers to inject arbitrary web script or HTML via the UserID parameter, a different vector than CVE-2006-1133 and CVE-2005-2441. | |||||
| CVE-2005-1013 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string. | |||||
| CVE-2003-1173 | 1 Centrinity | 1 Centrinity Firstclass | 2025-04-03 | 5.0 MEDIUM | N/A |
| Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory. | |||||
| CVE-1999-0600 | 2025-04-03 | 10.0 HIGH | N/A | ||
| A network intrusion detection system (IDS) does not verify the checksum on a packet. | |||||
| CVE-1999-1514 | 1 Celtech Software | 1 Expressfs | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command. | |||||