Total: 29559 CVEs

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0131 | 8 Bsdi, Digital, Eric Allman and 5 more | 9 Bsd Os, Osf 1, Sendmail and 6 more | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||||
CVE-2005-4283 | 1 Nightmedia | 1 The City Shop | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in The CITY Shop 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via parameters to the search module, possibly SKey to store.cgi. | |||||
CVE-1999-0770 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 2.1 LOW | N/A |
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems. | |||||
CVE-2003-0066 | 1 Rxvt | 1 Rxvt | 2025-04-03 | 7.5 HIGH | N/A |
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
CVE-2006-3552 | 1 Ipswitch | 2 Ipswitch Collaboration Suite, Ipswitch Secure Server | 2025-04-03 | 6.4 MEDIUM | N/A |
Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not properly receive and implement bullet signature updates, which allows context-dependent attackers to use the server for spam transmission. | |||||
CVE-2003-0010 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating systems allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. | |||||
CVE-2006-3266 | 1 Magnet | 1 Bee-hive Lite | 2025-04-03 | 5.1 MEDIUM | N/A |
Multiple PHP remote file inclusion vulnerabilities in Bee-hive Lite 1.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) header parameter to (a) conad/include/rootGui.inc.php and (b) include/rootGui.inc.php; (2) mysqlCall parameter to (c) conad/changeEmail.inc.php, (d) conad/changeUserDetails.inc.php, (e) conad/checkPasswd.inc.php, (f) conad/login.inc.php and (g) conad/logout.inc.php; (3) mysqlcall parameter to (h) include/listall.inc.php; (4) prefix parameter to (i) show/index.php; and (5) config parameter to (j) conad/include/mysqlCall.inc.php. | |||||
CVE-2005-4376 | 1 Box Uk | 1 Amaxus | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via ".." sequences in the change parameter. | |||||
CVE-1999-1444 | 1 Computer Software Manufaktur | 1 Alibaba | 2025-04-03 | 5.0 MEDIUM | N/A |
genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext. | |||||
CVE-2000-0764 | 1 Intel | 1 Express 8100 | 2025-04-03 | 5.0 MEDIUM | N/A |
Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed IP packet. | |||||
CVE-2002-0345 | 1 Symantec | 1 Norton Ghost | 2025-04-03 | 7.5 HIGH | N/A |
Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges. | |||||
CVE-2004-1652 | 1 Brickhost | 1 Phpscheduleit | 2025-04-03 | 7.5 HIGH | N/A |
phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges. | |||||
CVE-2005-3983 | 1 Hp | 1 Systems Insight Manager | 2025-04-03 | 7.8 HIGH | N/A |
Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability. | |||||
CVE-2006-4318 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | 6.5 MEDIUM | N/A |
Buffer overflow in WFTPD Server 3.23 allows remote attackers to execute arbitrary code via long SIZE commands. | |||||
CVE-2006-2289 | 1 Avahi | 1 Avahi | 2025-04-03 | 2.1 LOW | N/A |
Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors. | |||||
CVE-2006-3096 | 1 Ipostmx | 1 Ipostmx 2005 | 2025-04-03 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) forum parameter in messagepost.cfm and (2) topic parameter in topics.cfm. NOTE: this item was created based on information in a blog entry that was apparently removed after CVE analysis. As of 20060619, CVE is attempting to determine the cause of the removal. | |||||
CVE-2003-0309 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability." | |||||
CVE-2001-0454 | 1 Whitsoft | 1 Slimserve | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request. | |||||
CVE-2002-1875 | 1 Mcafee | 1 Entercept Agent | 2025-04-03 | 4.6 MEDIUM | N/A |
Entercept Agent 2.5 agent for Windows, released before May 21, 2002, allows local administrative users to obtain the entercept agent password, which could allow the administrators to log on as the entercept_agent account and conceal their identity. | |||||
CVE-2005-1741 | 1 Gearbox Software | 1 Halo Combat Evolved | 2025-04-03 | 5.0 MEDIUM | N/A |
Gearbox Software Halo: Combat Evolved 1.6 allows remote attackers to cause a denial of service (infinite loop) via malformed data. |