Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0740 | 1 Stunnel | 1 Stunnel | 2025-04-03 | 4.6 MEDIUM | N/A |
| Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server. | |||||
| CVE-2003-0615 | 3 Cgi.pm, Debian, Openpkg | 3 Cgi.pm, Debian Linux, Openpkg | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. | |||||
| CVE-2004-0126 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail. | |||||
| CVE-2006-3781 | 1 Sun | 1 Solaris | 2025-04-03 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Sun Solaris 10 allows context-dependent attackers to cause a denial of service (panic) via unspecified vectors involving the event port API. | |||||
| CVE-2006-0184 | 1 Mainenet Enterprises | 1 Asptopsites | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in AspTopSites allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to goto.asp or (2) password parameter to includeloginuser.asp. | |||||
| CVE-2006-3093 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Adobe Acrobat Reader (acroread) before 7.0.8 have unknown impact and unknown vectors. | |||||
| CVE-2002-0110 | 1 Nevrona Designs | 1 Miramail | 2025-04-03 | 2.1 LOW | N/A |
| Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file. | |||||
| CVE-2005-1449 | 1 S9y | 1 Serendipity | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact. | |||||
| CVE-2006-1156 | 1 Manas Tungare | 1 Site Membership Script | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp. | |||||
| CVE-2005-4670 | 1 Citypost | 1 Php Lnkx | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in message.php in CityPost Automated Link Exchange (LNKX) allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-2005-0762 | 1 Imagemagick | 1 Imagemagick | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file. | |||||
| CVE-2005-2871 | 1 Mozilla | 1 Firefox | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec. | |||||
| CVE-2003-1194 | 1 Booby | 1 Booby | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject arbitrary web script or HTML via the error message. | |||||
| CVE-2004-0873 | 1 Apple | 2 Ichat, Ichat Av | 2025-04-03 | 7.5 HIGH | N/A |
| Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program. | |||||
| CVE-2005-4446 | 1 Aspbite | 1 Aspbite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.asp in ASPBite 8.x allows remote attackers to inject arbitrary web script or HTML via the strSearch parameter. | |||||
| CVE-2006-4669 | 1 Somery | 1 Somery | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter. | |||||
| CVE-2005-1700 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pnadmin.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to execute arbitrary SQL commands via the riga[0] parameter. | |||||
| CVE-2006-2044 | 1 Ip3 Networks | 1 Ip3 Netaccess 75 | 2025-04-03 | 7.5 HIGH | N/A |
| na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default username of admin and a default password of admin. | |||||
| CVE-2001-0565 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. | |||||
| CVE-1999-0383 | 1 Acc | 1 Tigris | 2025-04-03 | 7.5 HIGH | N/A |
| ACC Tigris allows public access without a login. | |||||