Total
29827 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2246 | 1 Goollery | 1 Goollery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php. | |||||
| CVE-2006-3519 | 1 Native Solutions | 1 The Banner Engine | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in The Banner Engine (tbe) 4.0 allow remote attackers to execute arbitrary web script or HTML via the (1) text parameter in a search action to (a) top.php, and the (2) adminpass or (3) adminlogin parameter to (b) signup.php. | |||||
| CVE-2002-0598 | 1 Foundstone | 1 Fscan | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner. | |||||
| CVE-2005-2153 | 1 Osticket | 1 Osticket Sts | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable. | |||||
| CVE-2000-1037 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 7.5 HIGH | N/A |
| Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack. | |||||
| CVE-2001-0678 | 1 Trend Micro | 2 Interscan Viruswall, Interscan Webmanager | 2025-04-03 | 4.6 MEDIUM | N/A |
| A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code. | |||||
| CVE-2001-1255 | 2 Mysql, Oracle | 2 Winmysqladmin, Mysql | 2025-04-03 | 4.6 MEDIUM | N/A |
| WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. | |||||
| CVE-2001-0275 | 1 Moby | 1 Netsuite Web Server | 2025-04-03 | 2.1 LOW | N/A |
| Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request. | |||||
| CVE-2005-4041 | 1 Mr. Cgi Guy | 2 Hot Links Pro, Hot Links Sql | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
| CVE-2002-0393 | 1 Red-m | 1 1050ap Lan Acess Point | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password. | |||||
| CVE-2003-1063 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy. | |||||
| CVE-1999-0465 | 2025-04-03 | 10.0 HIGH | N/A | ||
| Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter. | |||||
| CVE-2006-1026 | 1 Jfacets | 1 Jfacets | 2025-04-03 | 7.5 HIGH | N/A |
| JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID. | |||||
| CVE-2001-0059 | 1 Sun | 1 Sunos | 2025-04-03 | 6.2 MEDIUM | N/A |
| patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2006-1355 | 1 Alwil | 1 Avast Antivirus | 2025-04-03 | 7.2 HIGH | N/A |
| avast! Antivirus 4.6.763 and earlier sets "BUILTIN\Everyone" permissions to critical system files in the installation folder, which allows local users to gain privileges or disable protection by modifying those files. | |||||
| CVE-2001-0263 | 1 Gene6 | 1 G6 Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled. | |||||
| CVE-2006-4708 | 1 Vikingboard | 1 Vikingboard | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the (1) act parameter in (a) help.php and (b) search.php, and the (2) p parameter in report.php. | |||||
| CVE-2006-2571 | 1 Alkacon | 1 Opencms | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in search.html in Alkacon OpenCms 6.0.0, 6.0.2, and 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search action. | |||||
| CVE-2006-2089 | 1 Mysmartbb | 1 Mysmartbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) id and (2) username parameters. | |||||
| CVE-2005-2105 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username. | |||||