Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1249 | 1 Vwebserver | 1 Vwebserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| vWebServer 1.2.0 allows remote attackers to cause a denial of service via a URL that contains MS-DOS device names. | |||||
| CVE-2005-0527 | 1 Mozilla | 1 Firefox | 2025-04-03 | 5.1 MEDIUM | N/A |
| Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling." | |||||
| CVE-2001-0373 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 2.1 LOW | N/A |
| The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information. | |||||
| CVE-2000-0033 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 5.0 MEDIUM | N/A |
| InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments. | |||||
| CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | |||||
| CVE-2002-0865 | 1 Microsoft | 1 Virtual Machine | 2025-04-03 | 7.5 HIGH | N/A |
| A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes." | |||||
| CVE-2004-0429 | 1 Apple | 1 Mac Os X | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors. | |||||
| CVE-2006-0479 | 1 Pmwiki | 1 Pmwiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] variable but not the GPC variable, which creates resultant vulnerabilities such as remote file inclusion and cross-site scripting (XSS). | |||||
| CVE-2002-1271 | 1 Perl-mailtools | 1 Perl-mailtools | 2025-04-03 | 7.5 HIGH | N/A |
| The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx. | |||||
| CVE-2006-2117 | 1 Extrosoft | 1 Thyme | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the search page. | |||||
| CVE-2004-1174 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." | |||||
| CVE-2006-0578 | 1 Bluecoat | 1 Sgos | 2025-04-03 | 7.5 HIGH | N/A |
| Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters. | |||||
| CVE-2005-2691 | 1 Runcms | 1 Runcms | 2025-04-03 | 7.5 HIGH | N/A |
| includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code. | |||||
| CVE-2005-2997 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the current_dir parameter to (2) htm.php or (3) html.php. | |||||
| CVE-2004-1119 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file. | |||||
| CVE-2004-1919 | 1 Crackalaka | 1 Crackalaka | 2025-04-03 | 5.0 MEDIUM | N/A |
| The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote attackers to cause a denial of service (crash) via large malformed strings. | |||||
| CVE-2002-0484 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system. | |||||
| CVE-2005-4318 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and earlier, with register_globals off, allows remote attackers to execute arbitrary SQL commands via the _SERVER[REMOTE_ADDR] parameter, which modifies the underlying $_SERVER variable. | |||||
| CVE-1999-0722 | 1 Sun | 1 Cobalt Raq 2 | 2025-04-03 | 10.0 HIGH | N/A |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. | |||||
| CVE-2005-2159 | 1 Planetdns | 1 Planetfileserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote attackers to cause a denial of service (application crash) via a long request. | |||||