Total: 29809 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0307 | 1 Poster | 1 Poster | 2025-04-03 | 7.5 HIGH | N/A |
| Poster version.two allows remote authenticated users to gain administrative privileges by appending the "|" field separator and an "admin" value into the email address field. | |||||
| CVE-2006-2831 | 1 Drupal | 1 Drupal | 2025-04-03 | 7.5 HIGH | N/A |
| Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743. | |||||
| CVE-2004-1771 | 1 Open Group | 1 Scalable Ogo | 2025-04-03 | 5.0 MEDIUM | N/A |
| Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users. | |||||
| CVE-2002-1640 | 1 Oracle | 1 Configurator | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet. | |||||
| CVE-2003-0348 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | 6.4 MEDIUM | N/A |
| A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. | |||||
| CVE-2005-3551 | 1 Toenda Software Development | 1 Toendacms | 2025-04-03 | 5.0 MEDIUM | N/A |
| toendaCMS before 0.6.2 stores user account and session data in the web root directory, which allows remote attackers to obtain sensitive information via a direct request to the appropriate XML file. | |||||
| CVE-2002-2308 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself. | |||||
| CVE-2006-2231 | 1 Big Webmaster | 1 Big Webmaster Guestbook Script | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) site, (3) city, (4) state, (5) country, and possibly (6) name fields, which are viewed via viewguest.cgi. | |||||
| CVE-2000-1035 | 1 Typsoft | 1 Typsoft | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER, PASS, or CWD command. | |||||
| CVE-2005-4690 | 1 Six Apart | 1 Movable Type | 2025-04-03 | 2.1 LOW | N/A |
| Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types (such as HTML and image files) by selecting an arbitrary directory as a blog's top-level directory. NOTE: this issue can be used in conjunction with CVE-2005-3102 to create or overwrite arbitrary files of all types. | |||||
| CVE-2005-2658 | 1 Softwolves Software | 1 Turquoise Superstat | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month. | |||||
| CVE-2005-1752 | 1 Gforge | 1 Gforge | 2025-04-03 | 6.4 MEDIUM | N/A |
| viewFile.php in the scm component of Gforge before 4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file_name parameter. | |||||
| CVE-2004-0991 | 2 Mpg123, Suse | 2 Mpg123, Suse Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files. | |||||
| CVE-2002-1997 | 1 Zonelabs | 1 Zonealarm | 2025-04-03 | 7.5 HIGH | N/A |
| ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension. | |||||
| CVE-2001-1563 | 2 Apache, Hp | 2 Tomcat, Secure Os | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers. | |||||
| CVE-2001-0057 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. | |||||
| CVE-2006-4550 | 1 Chxo | 1 Feedsplitter | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to read arbitrary XML files via .. (dot dot) sequences in the format parameter with a leading ".", which bypasses a security check. | |||||
| CVE-2004-2392 | 1 Mandrakesoft | 2 Mandrake Linux, Mandrake Linux Corporate Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs. | |||||
| CVE-2002-0328 | 1 Ikonboard.com | 1 Ikonboard | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag. | |||||
| CVE-2006-0583 | 1 Clever Copy | 1 Clever Copy | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
