Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0262 | 1 Avm | 1 Ken | 2025-04-03 | 5.0 MEDIUM | N/A |
| The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request. | |||||
| CVE-2001-0962 | 1 Ibm | 2 Websphere Application Server, Websphere Commerce Suite | 2025-04-03 | 7.5 HIGH | N/A |
| IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | |||||
| CVE-2005-3318 | 1 Jed Wing | 1 Chm Lib | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in the _chm_decompress_block function in CHM lib (chmlib) before 0.37, as used in products such as KchmViewer, allows attackers to execute arbitrary code, a different vulnerability than CVE-2005-2930. | |||||
| CVE-2001-1526 | 1 Easyscripts | 1 Easynews | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter. | |||||
| CVE-2004-0252 | 1 Typsoft | 1 Typsoft Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name. | |||||
| CVE-2001-1332 | 1 Easy Software Products | 1 Cups | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code. | |||||
| CVE-2006-4025 | 1 Xennobb | 1 Xennobb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in XennoBB 2.1.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) bday_day, (2) bday_month, and (3) bday_year parameters in the personal section. | |||||
| CVE-2003-1085 | 1 Thomson | 2 Tcm Cable Modem, Tcw Cable Modem | 2025-04-03 | 5.0 MEDIUM | N/A |
| The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow. | |||||
| CVE-1999-1534 | 1 Knox Software | 1 Arkeia | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable. | |||||
| CVE-2006-3237 | 1 Senokian Solutions | 1 Enterprise Groupware Systems | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Enterprise Groupware System (EGS) 1.2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter. | |||||
| CVE-2005-0621 | 1 Enlight Software | 1 Scrapland | 2025-04-03 | 5.0 MEDIUM | N/A |
| Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets. | |||||
| CVE-2000-0794 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview. | |||||
| CVE-2005-0189 | 1 Realnetworks | 2 Realone Player, Realplayer | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. | |||||
| CVE-2004-2217 | 1 Ychat | 1 Ychat | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | |||||
| CVE-2001-1544 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request. | |||||
| CVE-2001-1144 | 1 Mcafee | 1 Asap Virusscan | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. | |||||
| CVE-2003-0526 | 1 Microsoft | 1 Isa Server | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleansed in the default error pages (1) 500.htm for "500 Internal Server error" or (2) 404.htm for "404 Not Found." | |||||
| CVE-2006-0655 | 1 Hinton Design | 1 Phpht Topsites | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) link_edited.php and (2) link_added.php in Hinton Design phpht Topsites 1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2004-0745 | 1 Tsugio Okamoto | 1 Lha | 2025-04-03 | 10.0 HIGH | N/A |
| LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name. | |||||
| CVE-2005-2546 | 1 Arab Portal | 1 Arab Portal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Arab Portal 2.0 allows remote attackers to obtain sensitive information via a long (1) username or (2) password, which reveals the path in an error message when the undefined "errmsg" function is called. | |||||