Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0343 | 1 Brecht Claerhout | 1 Sniffit | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header. | |||||
| CVE-2003-0022 | 1 Rxvt | 1 Rxvt | 2025-04-03 | 5.0 MEDIUM | N/A |
| The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. | |||||
| CVE-2005-0531 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments. | |||||
| CVE-1999-0193 | 1 Ascend | 1 Cascadeview Ux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option. | |||||
| CVE-1999-1587 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| /usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option. | |||||
| CVE-1999-1372 | 1 Triactive | 1 Remote Management | 2025-04-03 | 4.6 MEDIUM | N/A |
| Triactive Remote Manager with Basic authentication enabled stores the username and password in cleartext in registry keys, which could allow local users to gain privileges. | |||||
| CVE-1999-1575 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.1 MEDIUM | N/A |
| The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. | |||||
| CVE-2006-3602 | 1 Farsinews | 1 Farsinews | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in jscripts/tiny_mce/tiny_mce_gzip.php in FarsiNews 3.0 BETA 1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the language parameter in the advanced theme. | |||||
| CVE-2005-1783 | 1 W.m.r. Simpson | 1 Bookreview | 2025-04-03 | 5.0 MEDIUM | N/A |
| BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE. | |||||
| CVE-2001-1430 | 1 Cayman | 1 3220-h Dsl Router | 2025-04-03 | 7.5 HIGH | N/A |
| Cayman 3220-H DSL Router 1.0 ship without a password set, which allows remote attackers to gain unauthorized access. | |||||
| CVE-2002-1000 | 1 Analogx | 1 Simpleserver Shout | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long request to TCP port 8001. | |||||
| CVE-2003-1297 | 1 Efs Software | 1 Efs Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. | |||||
| CVE-2002-2398 | 1 App | 1 Apboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter. | |||||
| CVE-2003-0327 | 1 Sybase | 1 Adaptive Server Enterprise | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow. | |||||
| CVE-2005-3789 | 1 Phpwcms | 1 Phpwcms | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter in login.php and (2) the imgdir parameter in random_image.php. | |||||
| CVE-1999-0380 | 1 Seattle Lab Software | 1 Slmail | 2025-04-03 | 4.6 MEDIUM | N/A |
| SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user. | |||||
| CVE-1999-0189 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. | |||||
| CVE-2001-0099 | 1 Brian Stanback | 1 Bsguest.cgi | 2025-04-03 | 10.0 HIGH | N/A |
| bsguest.cgi guestbook script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. | |||||
| CVE-2006-1965 | 1 Aasi Media | 1 Net Clubs Pro | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net Clubs Pro 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) onuser, (2) pass, (3) chatsys, (4) room, (5) username, and (6) to parameters in (a) sendim.cgi; the (7) username parameter in (b) imessage.cgi; the (8) password parameter in (c) login.cgi; and the (9) cat_id parameter in (d) viewcat.cgi. | |||||
| CVE-2006-4898 | 1 Guanxicrm | 1 Guanxicrm Business Solution | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/phpxd/phpXD.php in guanxiCRM 0.9.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appconf[rootpath] parameter. | |||||