Total
29562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3095 | 1 Avi Alkalay | 1 Notify | 2025-04-03 | 7.5 HIGH | N/A |
| Avi Alkalay notify program, dated 19 Aug 2001, allows remote attackers to execute arbitrary commands via shell metacharacters in the from parameter. | |||||
| CVE-2001-0327 | 1 Iplanet | 1 Iplanet Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server. | |||||
| CVE-2003-0925 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string. | |||||
| CVE-2005-3700 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows local users to execute arbitrary code via unknown attack vectors. | |||||
| CVE-2002-0736 | 1 Microsoft | 1 Backoffice | 2025-04-03 | 10.0 HIGH | N/A |
| Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank. | |||||
| CVE-2006-0490 | 1 Aspthai.net | 1 Aspthai Forums | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the password field. | |||||
| CVE-2005-1256 | 1 Ipswitch | 3 Imail, Imail Server, Ipswitch Collaboration Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name. | |||||
| CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2025-04-03 | 5.0 MEDIUM | N/A |
| IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | |||||
| CVE-1999-0231 | 1 Seattle Lab Software | 1 Slmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. | |||||
| CVE-2004-0475 | 1 Microsoft | 1 Ie | 2025-04-03 | 5.1 MEDIUM | N/A |
| The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041. | |||||
| CVE-1999-1332 | 1 Redhat | 1 Linux | 2025-04-03 | 2.1 LOW | N/A |
| gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. | |||||
| CVE-2000-0486 | 1 Cisco | 2 Ios, Tacacs\+ | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field. | |||||
| CVE-2006-0421 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic instance on the same machine, allows administrators of any created domain to access other created domains, which could allow administrators to gain privileges that were not intended. | |||||
| CVE-2006-4787 | 1 Alphamail | 1 Alphamail | 2025-04-03 | 2.1 LOW | N/A |
| AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained from third party information. | |||||
| CVE-2004-0426 | 1 Andrew Tridgell | 1 Rsync | 2025-04-03 | 5.0 MEDIUM | N/A |
| rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path. | |||||
| CVE-1999-0254 | 1 Sun | 1 Solaris | 2025-04-03 | 10.0 HIGH | N/A |
| A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. | |||||
| CVE-2005-0826 | 1 Ollydbg | 1 Ollydbg | 2025-04-03 | 5.0 MEDIUM | N/A |
| OllyDbg 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a dynamic link library (DLL) with a long filename. | |||||
| CVE-2001-0292 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator. | |||||
| CVE-2006-0493 | 1 Thomas Rybak | 1 Mg2 | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MG2 (formerly known as Minigal) 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field in a comment associated with a picture. | |||||
| CVE-2006-4495 | 1 Microsoft | 2 Ie, Windows 2003 Server | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll. | |||||