Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0828 | 1 Mobius | 1 Documentdirect For The Internet | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter. | |||||
| CVE-2004-1226 | 1 Sugarcrm | 1 Sugarcrm | 2025-04-03 | 5.0 MEDIUM | N/A |
| SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message, as demonstrated using phprint.php with an empty module parameter. | |||||
| CVE-2002-0549 | 1 Anthill | 1 Anthill | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users. | |||||
| CVE-2001-0274 | 1 Kicq | 1 Kicq | 2025-04-03 | 7.5 HIGH | N/A |
| kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||||
| CVE-1999-0178 | 1 Oreilly | 1 Oreilly Website | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string. | |||||
| CVE-2005-2451 | 1 Cisco | 2 Ios, Ios Xr | 2025-04-03 | 2.1 LOW | N/A |
| Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. | |||||
| CVE-2006-2638 | 1 Qjstudios | 1 Qjforum | 2025-04-03 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in member.asp in qjForum allows remote attackers to execute arbitrary SQL commands via the uName parameter. | |||||
| CVE-2002-1436 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
| The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. | |||||
| CVE-2005-1517 | 1 Cisco | 1 Firewall Services Module | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in Cisco Firewall Services Module (FWSM) 2.3.1 and earlier, when using URL, FTP, or HTTPS filtering exceptions, allows certain TCP packets to bypass access control lists (ACLs). | |||||
| CVE-2006-4450 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.1 MEDIUM | N/A |
| usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request. | |||||
| CVE-2002-1092 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication. | |||||
| CVE-2006-3324 | 1 Id Software | 1 Quake 3 Engine | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine (ioquake3) before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory (fs_homepath cvar) via a long string of filenames, as contained in the neededpaks buffer. | |||||
| CVE-2004-2637 | 1 Zonet | 1 Zsr1104we Wireless Router Runtime Code | 2025-04-03 | 6.4 MEDIUM | N/A |
| The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code Version 2.41 converts IP addresses of inbound connections to the IP address of the router, which allows remote attackers to bypass intended security restrictions. | |||||
| CVE-2001-0351 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 2.1 LOW | N/A |
| Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service. | |||||
| CVE-2002-0101 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released. | |||||
| CVE-2001-0721 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. | |||||
| CVE-2006-1785 | 1 Adobe | 1 Document Server | 2025-04-03 | 2.1 LOW | N/A |
| Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading (1) ftp or (2) http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext. NOTE: it is not clear whether the vendor advisory addresses this issue. In addition, since the issue requires administrative privileges to exploit, it is not clear whether this crosses security boundaries. | |||||
| CVE-2006-4676 | 1 Tibco | 1 Rendezvous | 2025-04-03 | 1.2 LOW | N/A |
| TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file. | |||||
| CVE-1999-0935 | 2025-04-03 | 10.0 HIGH | N/A | ||
| classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. | |||||
| CVE-2003-0277 | 1 Happycgi | 1 Happymall | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the file parameter. | |||||