Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0278 | 1 Microsoft | 2 Internet Information Server, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. | |||||
| CVE-2003-0897 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | 4.6 MEDIUM | N/A |
| "Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications. | |||||
| CVE-2001-0912 | 1 Mandrakesoft | 1 Mandrake Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges. | |||||
| CVE-2005-4420 | 1 Quicksquare Development | 1 Honeycomb Archive Enterprise | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Honeycomb Archive Enterprise 3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keyword parameter in search.cfm. | |||||
| CVE-2003-0546 | 1 Redhat | 1 Up2date | 2025-04-03 | 7.5 HIGH | N/A |
| up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. | |||||
| CVE-2001-1264 | 1 Hp | 2 Hp-ux, Vvos | 2025-04-03 | 10.0 HIGH | N/A |
| Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges. | |||||
| CVE-2004-2120 | 1 Reptile Web Server | 1 Reptile Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Reptile Web Server allows remote attackers to cause a denial of service (CPU consumption) via multiple incomplete GET requests without the HTTP version. | |||||
| CVE-1999-0825 | 1 Sco | 1 Unixware | 2025-04-03 | 3.6 LOW | N/A |
| The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail. | |||||
| CVE-2006-1627 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 7.5 HIGH | N/A |
| Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure. | |||||
| CVE-2006-0845 | 1 Leif M. Wright | 1 Web Blog | 2025-04-03 | 6.5 MEDIUM | N/A |
| Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname. | |||||
| CVE-2005-0383 | 1 Trend Micro | 1 Control Manager | 2025-04-03 | 7.5 HIGH | N/A |
| Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password. | |||||
| CVE-2006-2793 | 1 Aspsitem | 1 Aspsitem | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter. | |||||
| CVE-2003-0474 | 1 Ashley Brown | 1 Iweb Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in iWeb Server allows remote attackers to read arbitrary files via an HTTP request containing .. sequences, a different vulnerability than CVE-2003-0475. | |||||
| CVE-2005-0829 | 1 Php Fusion | 1 Php Fusion | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters. | |||||
| CVE-2004-0980 | 3 Angus Mackay, Debian, Gentoo | 3 Ez-ipupdate, Debian Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. | |||||
| CVE-2005-4418 | 1 Vserver | 1 Util-vserver | 2025-04-03 | 7.5 HIGH | N/A |
| util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities. | |||||
| CVE-2005-0279 | 1 Jowood Productions | 1 Soldner Secret Wars | 2025-04-03 | 5.0 MEDIUM | N/A |
| Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, which allows remote attackers to cause a denial of service (socket termination) via a long UDP packet. | |||||
| CVE-2005-0706 | 1 Grip | 1 Grip | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected. | |||||
| CVE-2001-0187 | 1 Washington University | 1 Wu-ftpd | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. | |||||
| CVE-2003-0549 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. | |||||