Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0358 | 1 Sgi | 1 Mediamail | 2025-04-03 | 4.6 MEDIUM | N/A |
| MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges. | |||||
| CVE-1999-1368 | 1 Broadcom | 1 Inoculateit | 2025-04-03 | 7.5 HIGH | N/A |
| AV Option for MS Exchange Server option for InoculateIT 4.53, and possibly other versions, only scans the Inbox folder tree of a Microsoft Exchange server, which could allow viruses to escape detection if a user's rules cause the message to be moved to a different mailbox. | |||||
| CVE-2003-1276 | 1 Nettelephone | 1 Nettelephone | 2025-04-03 | 4.6 MEDIUM | N/A |
| Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts. | |||||
| CVE-2003-0551 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service. | |||||
| CVE-2002-2184 | 1 Digi-net Technologies | 1 Digichat | 2025-04-03 | 5.0 MEDIUM | N/A |
| Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users via a "Showip" parameter in the chat applet. | |||||
| CVE-2001-0164 | 1 Netscape | 1 Directory Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field. | |||||
| CVE-2005-1200 | 1 Azbb | 1 Az Bulletin Board | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a through 1.0.07c allows remote attackers to execute arbitrary PHP code by modifying the (1) dir_src or (2) abs_layer parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2004-2403 | 1 Yabb | 1 Yabb | 2025-04-03 | 10.0 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters. | |||||
| CVE-1999-1374 | 1 Arpanet | 1 Perlshop | 2025-04-03 | 5.0 MEDIUM | N/A |
| perlshop.cgi shopping cart program stores sensitive customer information in directories and files that are under the web root, which allows remote attackers to obtain that information via an HTTP request. | |||||
| CVE-2005-0732 | 1 Py Software | 1 Active Webcam | 2025-04-03 | 5.0 MEDIUM | N/A |
| PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to obtain the full path of the web server via a request for a non-existent filename, which leaks the full path in an error message. | |||||
| CVE-2003-0477 | 1 Wzdftpd | 1 Wzdftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command without an argument. | |||||
| CVE-2004-1068 | 3 Linux, Redhat, Ubuntu | 5 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2025-04-03 | 6.2 MEDIUM | N/A |
| A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. | |||||
| CVE-2004-2314 | 1 Novell | 1 Ichain | 2025-04-03 | 7.5 HIGH | N/A |
| The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b 2.2.116 does not have a password by default, which allows remote attackers to gain access. | |||||
| CVE-2005-2455 | 1 Greasemonkey | 1 Greasemonkey | 2025-04-03 | 5.0 MEDIUM | N/A |
| Greasemonkey before 0.3.5 allows remote web servers to (1) read arbitrary files via a GET request to a file:// URL in the GM_xmlhttpRequest API function, (2) list installed scripts using GM_scripts, or obtain sensitive information via (3) GM_setValue and GM_getValue. | |||||
| CVE-2006-2274 | 1 Lksctp | 1 Stream Control Transmission Protocol | 2025-04-03 | 5.0 MEDIUM | N/A |
| Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function. | |||||
| CVE-2001-1265 | 1 Ibm | 1 Alphaworks Tftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2006-3245 | 1 Mvnforum | 1 Mvnforum | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in activatemember in mvnForum 1.0 GA and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) member and (2) activatecode parameters. | |||||
| CVE-2006-1848 | 1 Linpha | 1 Linpha | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php in LinPHA 1.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, and (3) date parameter. | |||||
| CVE-2000-0805 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets." | |||||
| CVE-1999-1364 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 2.1 LOW | N/A |
| Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | |||||