Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0454 | 1 Codeworx Technologies | 1 Dcp-portal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the lcat, doc, or uid parameters to index.php, or (2) the mid or bid parameters to forums.php. | |||||
| CVE-2004-0227 | 1 Triornis | 1 Zoneminder | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allow a remote attacker to execute arbitrary code via a long query string. | |||||
| CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||||
| CVE-2002-1394 | 1 Apache | 1 Tomcat | 2025-04-03 | 7.5 HIGH | N/A |
| Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | |||||
| CVE-2000-1211 | 1 Zope | 1 Zope | 2025-04-03 | 7.5 HIGH | N/A |
| Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. | |||||
| CVE-2005-2307 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2025-04-03 | 5.0 MEDIUM | N/A |
| netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability." | |||||
| CVE-2002-0960 | 1 Voxel | 1 Cbms | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users. | |||||
| CVE-2004-1506 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via (1) view_entry.php, (2) view_d.php, (3) usersel.php, (4) datesel.php, (5) trailer.php, or (6) styles.php, as demonstrated using img srg tags. | |||||
| CVE-2004-2627 | 1 Sun | 1 J2me | 2025-04-03 | 10.0 HIGH | N/A |
| Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code. | |||||
| CVE-2004-1401 | 1 Asp-rider | 1 Asp-rider | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary SQL statements and bypass authentication via the username parameter. | |||||
| CVE-2001-0238 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. | |||||
| CVE-2001-1233 | 1 Novell | 2 Groupwise Webaccess, Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. | |||||
| CVE-2000-1060 | 1 Xfree86 Project | 1 Xfce | 2025-04-03 | 4.6 MEDIUM | N/A |
| The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges. | |||||
| CVE-2002-0581 | 1 Workforceroi | 1 Xpede | 2025-04-03 | 7.5 HIGH | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script. | |||||
| CVE-2001-0606 | 2 Hp, Sun | 2 Virtualvault, Iplanet Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service. | |||||
| CVE-1999-0401 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 3.7 LOW | N/A |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | |||||
| CVE-2004-0593 | 1 Sygate Technologies | 2 Enforcer, Secure Enterprise | 2025-04-03 | 7.5 HIGH | N/A |
| Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules. | |||||
| CVE-2006-2706 | 1 Secure Elements | 1 Class 5 Enterprise Vulnerability Management | 2025-04-03 | 5.0 MEDIUM | N/A |
| Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts. | |||||
| CVE-2006-1104 | 1 Pixelpost | 1 Pixelpost | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used in the book_vistor function in includes/functions.php. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not clear whether the vendor is disputing this particular issue. | |||||
| CVE-2003-0344 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | |||||