Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3903 | 1 Sco | 1 Unixware | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063. | |||||
| CVE-2005-3471 | 1 Mailscanner | 1 Mailscanner | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the ruleset view for MailWatch for MailScanner 1.0.2 allows remote attackers to access arbitrary files. | |||||
| CVE-2005-2989 | 1 Deluxebb | 1 Deluxebb | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php. | |||||
| CVE-2005-1057 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet." | |||||
| CVE-2004-0259 | 1 Joe Lumbroso Acks | 1 Formmail.php | 2025-04-03 | 9.3 HIGH | N/A |
| The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting (XSS) issue. | |||||
| CVE-2005-1751 | 1 Shtool | 1 Shtool | 2025-04-03 | 3.7 LOW | N/A |
| Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759. | |||||
| CVE-2001-0868 | 1 Redhat | 1 Stronghold | 2025-04-03 | 5.0 MEDIUM | N/A |
| Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status. | |||||
| CVE-2001-0279 | 2 Debian, Mandrakesoft | 3 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. | |||||
| CVE-2002-0855 | 1 Gnu | 1 Mailman | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature. | |||||
| CVE-2005-2719 | 1 Flagship Industries | 1 Ventrilo | 2025-04-03 | 5.0 MEDIUM | N/A |
| Ventrilo 2.1.2 through 2.3.0 allows remote attackers to cause a denial of service (application crash) via a status packet that contains less data than specified in the packet header sent to UDP port 3784. | |||||
| CVE-2004-0871 | 1 Mozilla | 1 Mozilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | |||||
| CVE-2003-0486 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter. | |||||
| CVE-1999-0205 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in Sendmail 8.6.11 and 8.6.12. | |||||
| CVE-2004-2447 | 1 1st Class Internet Solutions | 1 1st Class Mail Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to (1) viewmail.tagz, (2) the index script under /user/, (3) members.tagz, (4) general.tagz, (5) advanced.tagz, or (6) list.tagz. | |||||
| CVE-2002-0674 | 1 Pingtel | 1 Xpressa | 2025-04-03 | 7.2 HIGH | N/A |
| Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication. | |||||
| CVE-2000-0414 | 1 Hp | 2 Hp-ux, Vvos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | |||||
| CVE-2006-2720 | 1 Variomat | 1 Variomat | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in VARIOMAT allows remote attackers to execute arbitrary SQL commands via the subcat parameter. | |||||
| CVE-2005-4613 | 1 Vubb | 1 Vubb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified fields in the user edit profile. | |||||
| CVE-2006-3380 | 1 Freestyle | 1 Freestyle Wiki | 2025-04-03 | 5.0 MEDIUM | N/A |
| Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 allows remote attackers to cause a denial of service (CPU consumption) by performing a diff between large, crafted pages that trigger the worst case. | |||||
| CVE-2006-3710 | 1 Oracle | 1 Application Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# (1) AS05 and (2) AS08. | |||||