Total
29814 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1248 | 1 Positive Software | 1 H-sphere | 2025-04-03 | 7.5 HIGH | N/A |
| H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request. | |||||
| CVE-2006-3171 | 1 Comscripts | 1 Cs-forum | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in CS-Forum before 0.82 allows remote attackers to inject arbitrary email headers via a newline character in the email parameter to ajouter.php. | |||||
| CVE-2005-1553 | 1 Geovision | 1 Digital Surveillance System | 2025-04-03 | 7.5 HIGH | N/A |
| GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing. | |||||
| CVE-2006-4789 | 1 Open Movie Editor | 1 Open Movie Editor | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Open Movie Editor 0.0.20060901 allows local users to cause a denial of service (system crash) or execute arbitrary code via a long project name in an open_movie_editor_project XML tag. | |||||
| CVE-2006-0974 | 1 Battleaxe Software | 1 Bttlxeforum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in failure.asp in Battleaxe bttlxeForum 2.0 allows remote attackers to inject arbitrary web script or HTML via the err_txt parameter. | |||||
| CVE-2006-3664 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors. | |||||
| CVE-1999-0549 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.2 HIGH | N/A |
| Windows NT automatically logs in an administrator upon rebooting. | |||||
| CVE-2004-0052 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients. | |||||
| CVE-2005-3922 | 1 Panda | 19 Panda Activescan, Panda Antivirus, Panda Antivirus Platinum and 16 more | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive. | |||||
| CVE-2001-0567 | 1 Zope | 1 Zope | 2025-04-03 | 4.6 MEDIUM | N/A |
| Digital Creations Zope 2.3.2 and earlier allows a local attacker to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass. | |||||
| CVE-2004-0194 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data. | |||||
| CVE-2005-3814 | 1 Orbitscripts | 1 Smartppc Pro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro allow remote attackers to inject arbitrary web script or HTML via the username parameter in (1) directory.php, (2) frames.php, and (3) search.php. | |||||
| CVE-2000-0995 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name. | |||||
| CVE-2006-3693 | 1 Rocks Clusters | 1 Rocks Clusters | 2025-04-03 | 4.6 MEDIUM | N/A |
| Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call. | |||||
| CVE-1999-0237 | 1 Webcom | 1 Cgi Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| Remote execution of arbitrary commands through Guestbook CGI program. | |||||
| CVE-2006-0547 | 1 Oracle | 1 Database Server | 2025-04-03 | 7.5 HIGH | N/A |
| Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of the Transparent Network Substrate (TNS) protocol. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB18 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0265. | |||||
| CVE-2001-1102 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 6.2 MEDIUM | N/A |
| Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. | |||||
| CVE-1999-1029 | 1 Ssh | 1 Ssh2 | 2025-04-03 | 7.5 HIGH | N/A |
| SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | |||||
| CVE-2006-0350 | 1 Epic Designs | 1 Eggblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field to topic.php. | |||||
| CVE-2000-0321 | 1 Icradius | 1 Icradius | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. | |||||