Total
29562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2627 | 1 Sun | 1 J2me | 2025-04-03 | 10.0 HIGH | N/A |
| Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code. | |||||
| CVE-2004-1401 | 1 Asp-rider | 1 Asp-rider | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary SQL statements and bypass authentication via the username parameter. | |||||
| CVE-2001-0238 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. | |||||
| CVE-2001-1233 | 1 Novell | 2 Groupwise Webaccess, Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. | |||||
| CVE-2000-1060 | 1 Xfree86 Project | 1 Xfce | 2025-04-03 | 4.6 MEDIUM | N/A |
| The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges. | |||||
| CVE-2002-0581 | 1 Workforceroi | 1 Xpede | 2025-04-03 | 7.5 HIGH | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script. | |||||
| CVE-2001-0606 | 2 Hp, Sun | 2 Virtualvault, Iplanet Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service. | |||||
| CVE-1999-0401 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 3.7 LOW | N/A |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | |||||
| CVE-2004-0593 | 1 Sygate Technologies | 2 Enforcer, Secure Enterprise | 2025-04-03 | 7.5 HIGH | N/A |
| Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules. | |||||
| CVE-2006-2706 | 1 Secure Elements | 1 Class 5 Enterprise Vulnerability Management | 2025-04-03 | 5.0 MEDIUM | N/A |
| Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts. | |||||
| CVE-2006-1104 | 1 Pixelpost | 1 Pixelpost | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used in the book_vistor function in includes/functions.php. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not clear whether the vendor is disputing this particular issue. | |||||
| CVE-2003-0344 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | |||||
| CVE-1999-0562 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| The registry in Windows NT can be accessed remotely by users who are not administrators. | |||||
| CVE-2002-1521 | 1 Mdg Computer Services | 1 Web Server 4d | 2025-04-03 | 2.1 LOW | N/A |
| Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges. | |||||
| CVE-2005-1789 | 1 India Software Solution | 1 Shopping Cart | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password. | |||||
| CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2025-04-03 | 7.5 HIGH | N/A |
| EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
| CVE-2004-1726 | 1 John Bradley | 1 Xv | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. | |||||
| CVE-2001-0386 | 1 Analogx | 1 Simpleserver Www | 2025-04-03 | 5.0 MEDIUM | N/A |
| AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. | |||||
| CVE-2005-2612 | 1 Wordpress | 1 Wordpress | 2025-04-03 | 7.5 HIGH | N/A |
| Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie. | |||||
| CVE-2002-0595 | 1 Webtrends | 1 Reporting Center | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET request to the /reports/ directory. | |||||