Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1145 | 1 Cor Entertainment | 1 Alien Arena 2006 | 2025-04-03 | 6.5 MEDIUM | N/A |
| Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients. | |||||
| CVE-2006-4211 | 1 B0zz And Chris Vincent | 1 Owl Intranet Engine | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-1999-1472 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | |||||
| CVE-1999-0334 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. | |||||
| CVE-2000-1086 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | |||||
| CVE-2005-3836 | 1 Desklance | 1 Desklance | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the announce parameter. | |||||
| CVE-2005-3459 | 1 Oracle | 2 Clinical, E-business Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS22 in Oracle Clinical. | |||||
| CVE-1999-1270 | 1 Kde | 1 Kde | 2025-04-03 | 4.6 MEDIUM | N/A |
| KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps. | |||||
| CVE-2005-1733 | 1 Metro Marketing | 1 Cookie Cart | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to passwd.txt. | |||||
| CVE-2006-0665 | 1 Mantis | 1 Mantis | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0.0 has unknown impact and attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. An original vendor bug report is referenced, but not accessible to the general public. | |||||
| CVE-2000-0191 | 1 Axis | 1 Storpoint Cd | 2025-04-03 | 10.0 HIGH | N/A |
| Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack. | |||||
| CVE-2002-0744 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
| namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow. | |||||
| CVE-2006-3424 | 1 Webex Communications | 1 Webex Downloader Activex Control | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in WebEx Downloader ActiveX Control, possibly in versions before November 2005, allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2004-2207 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2003-1198 | 1 Cherokee | 1 Cherokee Httpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field. | |||||
| CVE-2000-0087 | 1 Netscape | 2 Communicator, Navigator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. | |||||
| CVE-2000-1232 | 1 Phorum | 1 Phorum | 2025-04-03 | 5.0 MEDIUM | N/A |
| upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method. | |||||
| CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 6 Linux, Freebsd, Licq and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
| licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||||
| CVE-2004-0033 | 1 Phpgedview | 1 Phpgedview | 2025-04-03 | 5.0 MEDIUM | N/A |
| admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command. | |||||
| CVE-2002-1413 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
| RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection. | |||||