Total: 29562 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0100 | 1 Isc | 1 Inn | 2025-04-03 | 10.0 HIGH | N/A |
Remote access in AIX innd 1.5.1, using control messages. | |||||
CVE-2005-0863 | 1 Phpopenchat | 1 Phpopenchat | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows remote attackers to inject arbitrary web script or HTML via (1) the chatter parameter to regulars.php or (2) the chatter, chatter1, chatter2, chatter3, or chatter4 parameters to register.php. | |||||
CVE-2005-1340 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.5 HIGH | N/A |
The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy. | |||||
CVE-2005-3771 | 1 Joomla | 1 Joomla | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) "GET and other variables" and (2) "SEF". | |||||
CVE-1999-0720 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users. | |||||
CVE-2006-1103 | 1 Sauerbraten | 2 Cube, Sauerbraten | 2025-04-03 | 5.0 MEDIUM | N/A |
engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference. | |||||
CVE-2000-0527 | 1 3r Soft | 1 Mailstudio 2000 | 2025-04-03 | 10.0 HIGH | N/A |
userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2006-4295 | 1 Panda | 1 Panda Activescan | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | |||||
CVE-2002-1117 | 1 Symantec Veritas | 1 Backup Exec | 2025-04-03 | 5.0 MEDIUM | N/A |
Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares. | |||||
CVE-2004-2623 | 1 Matthew Skala | 1 Rippy The Aggregator | 2025-04-03 | 10.0 HIGH | N/A |
Unknown vulnerability in Rippy the Aggregator before 0.10, when register_globals is enabled, has unknown attack vectors and impact, possibly related to the "user-controlled filter." | |||||
CVE-2006-3536 | 1 Ej3 | 1 Topo | 2025-04-03 | 7.5 HIGH | N/A |
Direct static code injection vulnerability in code/class_db_text.php in EJ3 TOPo 2.2.178 and earlier allows remote attackers to execute arbitrary PHP code via parameters such as (1) descripcion and (2) pais, which are stored directly in a PHP script. NOTE: the provenance of this information is unknown; the details are obtained solely from third party reports. | |||||
CVE-2005-1075 | 1 Radscripts | 1 Radbids | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via (1) the farea parameter to faq.php or the (2) cat, (3) order, or (4) area parameters to index.php. | |||||
CVE-2005-3367 | 1 Sparkleblog | 1 Sparkleblog | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in journal.php in SparkleBlog 2.1 allows remote attackers to inject arbitrary web script or HTML via the name field. | |||||
CVE-2004-2213 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request. | |||||
CVE-2005-2574 | 1 Xmb Forum | 1 Xmb | 2025-04-03 | 5.0 MEDIUM | N/A |
xmb.php in XMB Forum 1.9.1 extracts and defines all provided variables, which allows remote attackers to modify arbitrary server variables such as _SERVER[REMOTE_ADDR]. | |||||
CVE-2005-0082 | 1 Mysql | 1 Maxdb | 2025-04-03 | 5.0 MEDIUM | N/A |
The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash. | |||||
CVE-2005-2763 | 1 Openttd | 1 Openttd | 2025-04-03 | 7.5 HIGH | N/A |
Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | |||||
CVE-2006-1059 | 1 Samba | 1 Samba | 2025-04-03 | 1.2 LOW | N/A |
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain. | |||||
CVE-2001-0143 | 2 Immunix, Redhat | 2 Immunix, Linux | 2025-04-03 | 1.2 LOW | N/A |
vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2005-0178 | 3 Linux, Netkit, Vserver | 3 Linux Kernel, Linux Netkit, Linux-vserver | 2025-04-03 | 6.2 MEDIUM | N/A |
Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores. | |||||