Total
29827 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0052 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients. | |||||
| CVE-2005-3922 | 1 Panda | 19 Panda Activescan, Panda Antivirus, Panda Antivirus Platinum and 16 more | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers to execute arbitrary code via a crafted ZOO archive. | |||||
| CVE-2001-0567 | 1 Zope | 1 Zope | 2025-04-03 | 4.6 MEDIUM | N/A |
| Digital Creations Zope 2.3.2 and earlier allows a local attacker to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass. | |||||
| CVE-2004-0194 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data. | |||||
| CVE-2005-3814 | 1 Orbitscripts | 1 Smartppc Pro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro allow remote attackers to inject arbitrary web script or HTML via the username parameter in (1) directory.php, (2) frames.php, and (3) search.php. | |||||
| CVE-2000-0995 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name. | |||||
| CVE-2006-3693 | 1 Rocks Clusters | 1 Rocks Clusters | 2025-04-03 | 4.6 MEDIUM | N/A |
| Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call. | |||||
| CVE-1999-0237 | 1 Webcom | 1 Cgi Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| Remote execution of arbitrary commands through Guestbook CGI program. | |||||
| CVE-2006-0547 | 1 Oracle | 1 Database Server | 2025-04-03 | 7.5 HIGH | N/A |
| Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of the Transparent Network Substrate (TNS) protocol. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB18 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0265. | |||||
| CVE-2001-1102 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 6.2 MEDIUM | N/A |
| Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. | |||||
| CVE-1999-1029 | 1 Ssh | 1 Ssh2 | 2025-04-03 | 7.5 HIGH | N/A |
| SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | |||||
| CVE-2006-0350 | 1 Epic Designs | 1 Eggblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field to topic.php. | |||||
| CVE-2000-0321 | 1 Icradius | 1 Icradius | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. | |||||
| CVE-2000-0323 | 1 Microsoft | 1 Jet | 2025-04-03 | 7.6 HIGH | N/A |
| The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability. | |||||
| CVE-1999-0272 | 1 Slmail | 1 Slmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in Slmail v2.5 through the POP3 port. | |||||
| CVE-2000-0080 | 1 Ibm | 1 Aix | 2025-04-03 | 2.1 LOW | N/A |
| AIX techlibss allows local users to overwrite files via a symlink attack. | |||||
| CVE-2005-3966 | 1 Java Search Engine | 1 Java Search Engine | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.jsp in Java Search Engine (JSE) 0.9.34 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2004-2002 | 1 Sgi | 1 Irix | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet. | |||||
| CVE-2006-4273 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote attackers to inject arbitrary web script or HTML by uploading an attachment with a .pdf extension that contains JavaScript, which is processed as script by Microsoft Internet Explorer 6. | |||||
| CVE-2005-0214 | 1 Alexander Palmo | 1 Simple Php Blog | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c allows remote attackers to read or create arbitrary files via a .. (dot dot) in the entry parameter. | |||||