Total
29801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1372 | 1 Bakbone | 1 Netvault | 2025-04-03 | 4.6 MEDIUM | N/A |
| nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu. | |||||
| CVE-2002-0810 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails. | |||||
| CVE-2005-2523 | 1 Apple | 2 Mac Os X, Weblog Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2004-1751 | 1 Massive Entertainment | 1 Ground Control Ii Operation Exodus | 2025-04-03 | 5.0 MEDIUM | N/A |
| Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket error that is treated as a critical error. | |||||
| CVE-2004-0450 | 1 Log2mail | 1 Log2mail | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail. | |||||
| CVE-2003-1021 | 1 Sco | 1 Openserver | 2025-04-03 | 7.2 HIGH | N/A |
| The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. | |||||
| CVE-2006-1237 | 1 Dsportal | 1 Dsnewsletter | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to (1) include/sub.php, (2) include/confirm.php, or (3) include/unconfirm.php. | |||||
| CVE-1999-1135 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438. | |||||
| CVE-2006-4334 | 1 Gzip | 1 Gzip | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference. | |||||
| CVE-1999-0374 | 1 Debian | 1 Debian Linux | 2025-04-03 | 2.1 LOW | N/A |
| Debian GNU/Linux cfengine package is susceptible to a symlink attack. | |||||
| CVE-2005-3745 | 1 Apache | 1 Struts | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message. | |||||
| CVE-2005-2065 | 1 Asp-nuke | 1 Asp-nuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| HTTP response splitting vulnerability in language_select.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the LangCode parameter. | |||||
| CVE-2005-0417 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor. | |||||
| CVE-2006-2904 | 1 Particle Soft | 1 Particle Links | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter. | |||||
| CVE-2001-0167 | 1 Att | 1 Winvnc | 2025-04-03 | 7.6 HIGH | N/A |
| Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string. | |||||
| CVE-2002-1065 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | 7.5 HIGH | N/A |
| Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing. | |||||
| CVE-2002-0541 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581. | |||||
| CVE-2005-3522 | 1 Adventnet | 1 Manageengine Netflow Analyzer | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.jsp in ManageEngine Netflow Analyzer 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the grDisp parameter. | |||||
| CVE-2004-0401 | 1 Free Software Foundation Inc. | 1 Libtasn1 | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions. | |||||
| CVE-2004-1290 | 1 William Hoggarth | 1 Pgn2web | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers to execute arbitrary code via a crafted PGN file. | |||||