Total
29818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2655 | 1 Maildrop | 1 Maildrop | 2025-04-03 | 10.0 HIGH | N/A |
| lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments. | |||||
| CVE-2003-0386 | 1 Openbsd | 1 Openssh | 2025-04-03 | 7.5 HIGH | N/A |
| OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. | |||||
| CVE-2001-0132 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 1.2 LOW | N/A |
| Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2006-4590 | 1 Jetstat.com | 1 Js Asp Faq Manager | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/default.asp in Jetstat.com JS ASP Faq Manager 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2006-4463. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2005-4425 | 1 Kerio | 1 Winroute Firewall | 2025-04-03 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 allows remote attackers to cause a denial of service (crash) via certain RTSP streams. | |||||
| CVE-2006-3617 | 1 Pixelated By Lev | 1 Pixelated By Lev Guestbook | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) message (aka comments), (3) website, and (4) email parameters, which bypasses XSS protection mechanisms that check for SCRIPT tags but not others, as demonstrated by a javascript URI in an onMouseOver attribute and the src attribute in an iframe tag. NOTE: some vectors might overlap CVE-2006-2975, although the use of alternate manipulations makes it unclear. | |||||
| CVE-2001-1531 | 1 Apple | 1 Claris Emailer | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename. | |||||
| CVE-2000-0407 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. | |||||
| CVE-2001-0176 | 1 Voyant Technologies | 1 Sonata | 2025-04-03 | 7.2 HIGH | N/A |
| The setuid doroot program in Voyant Sonata 3.x executes arbitrary command line arguments, which allows local users to gain root privileges. | |||||
| CVE-2006-2322 | 1 Cisco | 2 Application Velocity System 3110, Application Velocity System 3120 | 2025-04-03 | 6.4 MEDIUM | N/A |
| The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143. | |||||
| CVE-2001-0488 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | N/A |
| pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service. | |||||
| CVE-2004-2075 | 1 Sophos | 1 Sophos Anti-virus | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of service (infinite loop) via a MIME header that is not properly terminated. | |||||
| CVE-1999-1189 | 1 Netscape | 2 Communicator, Navigator | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. | |||||
| CVE-2000-0177 | 1 Dnstools Software | 1 Dnstools | 2025-04-03 | 10.0 HIGH | N/A |
| DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2002-2172 | 1 Shana | 2 Informed Designer, Informed Filler | 2025-04-03 | 2.1 LOW | N/A |
| Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information. | |||||
| CVE-1999-0290 | 1 Qbik | 1 Wingate | 2025-04-03 | 5.0 MEDIUM | N/A |
| The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost. | |||||
| CVE-2006-3191 | 1 Tpvgames | 1 Mpcs | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in comment.php in MPCS 0.2 allows remote attackers to inject arbitrary web script or HTML via the pageid parameter. | |||||
| CVE-2000-0443 | 1 Hp | 1 Jetadmin | 2025-04-03 | 7.5 HIGH | N/A |
| The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-0944 | 2025-04-03 | 10.0 HIGH | N/A | ||
| IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections. | |||||
| CVE-2006-1046 | 1 Monopd | 1 Monopd | 2025-04-03 | 5.0 MEDIUM | N/A |
| server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output. | |||||