Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0273 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service through Solaris 2.5.1 telnet by sending ^D characters. | |||||
| CVE-2003-0737 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | 5.0 MEDIUM | N/A |
| The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library. | |||||
| CVE-2001-0259 | 1 Ssh | 1 Ssh | 2025-04-03 | 3.6 LOW | N/A |
| ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file. | |||||
| CVE-2003-1292 | 1 Ashwebstudio | 1 Ashnews | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files via a URL in the pathtoashnews parameter to (1) ashnews.php and (2) ashheadlines.php. | |||||
| CVE-2005-2144 | 1 Prevx | 1 Prevx Pro 2005 | 2025-04-03 | 2.1 LOW | N/A |
| Prevx Pro 2005 1.0 allows local users to bypass file protection and modify files by using MapViewOfFile to perform memory mapping on the file. | |||||
| CVE-2001-0156 | 1 Van Dyke Technologies | 1 Vshell | 2025-04-03 | 2.1 LOW | N/A |
| VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems. | |||||
| CVE-2001-0109 | 1 Suse | 1 Suse Linux | 2025-04-03 | 1.2 LOW | N/A |
| rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. | |||||
| CVE-1999-1114 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges. | |||||
| CVE-2005-1018 | 1 Ca | 1 Brightstor Arcserve Backup | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field. | |||||
| CVE-2002-1450 | 1 Ibm | 1 U2 Universe | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow. | |||||
| CVE-2005-4057 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to inject arbitrary web script or HTML via the (1) Location, (2) Last Name, and (3) First Name parameters. | |||||
| CVE-2005-0502 | 1 Xinkaa Web Station | 1 Xinkaa Web Station | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows remote attackers to read arbitrary files via (1) ../ and (2) ..\ characters in an HTTP request. | |||||
| CVE-2003-0249 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
| PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report. | |||||
| CVE-2006-1327 | 1 Softbb | 1 Softbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter. | |||||
| CVE-2005-0346 | 1 Safenet | 1 Softremote Vpn Client | 2025-04-03 | 2.1 LOW | N/A |
| SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process. | |||||
| CVE-2006-4246 | 1 Usermin | 1 Usermin | 2025-04-03 | 3.6 LOW | N/A |
| Usermin before 1.220 (20060629) allows remote attackers to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user. | |||||
| CVE-2003-0073 | 1 Oracle | 1 Mysql | 2025-04-03 | 5.0 MEDIUM | N/A |
| Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user. | |||||
| CVE-2003-0198 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files. | |||||
| CVE-2005-3098 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | 4.6 MEDIUM | N/A |
| poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument. | |||||
| CVE-2004-0726 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 7.5 HIGH | N/A |
| The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel. | |||||