Total
29823 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1359 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. | |||||
| CVE-2004-2267 | 1 Ansel | 1 Ansel | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name. | |||||
| CVE-2005-2738 | 1 Sun | 1 Java | 2025-04-03 | 5.0 MEDIUM | N/A |
| Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple programs from opening the same port as a Java ServerSocket, which allows local users to operate a Java program that intercepts network data intended for the ServerSocket of a different Java program. | |||||
| CVE-2005-4529 | 1 Chatspot | 1 Chatspot | 2025-04-03 | 7.5 HIGH | N/A |
| The Chatspot 2.0.0a7 module for phpBB might allow remote attackers to impersonate other users via unknown vectors. | |||||
| CVE-2004-2643 | 1 Microsoft | 1 Cabarc | 2025-04-03 | 3.7 LOW | N/A |
| Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive. | |||||
| CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2025-04-03 | 2.1 LOW | N/A |
| Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||||
| CVE-2005-2561 | 1 Myfaq | 1 Myfaq | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MYFAQ 1.0 allow remote attackers to execute arbitrary SQL commands via the Theme parameter to (1) affichagefaq.php3, (2) choixsoustheme.php3, (3) consultation.php3, (4) insfaq.php3, (5) inssoustheme.php3, (6) instheme.php3, (7) saisiefaqtotale.php3, (8) saisiesoustheme.php3, or (9) voirfaq.php3, the SousTheme parameter to (10) affichagefaq.php3, (11) consultation.php3, (12) insfaq.php3, (13) inssoustheme.php3, (14) saisiefaq.php3, (15) saisiefaqtotale.php3, or (16) voirfaq.php3, the Faq parameter to (17) saisiefaq.php3, (18) voirfaq.php3, or (19) inssolution.php3, or (20) question parameter to affichagefaq.php3. | |||||
| CVE-2006-3939 | 1 Scriptscenter | 1 Ezupload Pro | 2025-04-03 | 7.5 HIGH | N/A |
| ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform administrative activities without authentication in (1) filter.php, which permits changing the Extensions Mode file type; (2) access.php, which permits changing the Protection Method; (3) edituser.php, which permits adding upload capabilities to user accounts; (4) settings.php, which permits changing the admin information; and (5) index.php, which permits uploading of arbitrary files. | |||||
| CVE-2005-3042 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2025-04-03 | 7.5 HIGH | N/A |
| miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return). | |||||
| CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2025-04-03 | 7.2 HIGH | N/A |
| xsoldier program allows local users to gain root access via a long argument. | |||||
| CVE-2004-0161 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients. | |||||
| CVE-2001-1390 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 6.2 MEDIUM | N/A |
| Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages. | |||||
| CVE-2005-1875 | 1 Exhibit Engine | 1 Exhibit Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage parameter. | |||||
| CVE-2006-1274 | 1 Avira | 1 Antivir Personal | 2025-04-03 | 7.2 HIGH | N/A |
| Classic Planer in AntiVir PersonalEdition Classic 7 does not drop privileges before executing external programs, which allows local users to gain privileges via notepad.exe, which is used to display scan reports. | |||||
| CVE-2006-0427 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 2.1 LOW | N/A |
| Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functionality that should have been restricted. | |||||
| CVE-2005-3146 | 2 Storebackup, Suse | 2 Storebackup, Suse Linux | 2025-04-03 | 2.1 LOW | N/A |
| StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files. | |||||
| CVE-1999-1062 | 1 Hp | 1 Jetdirect | 2025-04-03 | 7.5 HIGH | N/A |
| HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100. | |||||
| CVE-2001-1314 | 1 Critical Path | 2 Injoin Directory Server, Livecontent Directory | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2003-0212 | 1 Rinetd | 1 Rinetd | 2025-04-03 | 7.5 HIGH | N/A |
| handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of connections. | |||||
| CVE-2005-4090 | 1 Hp | 1 Hp-ux | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is running, allows remote attackers to have unknown impact. | |||||