Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1665 | 1 Psnews | 1 Psnews | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter. | |||||
| CVE-2002-0425 | 1 Khaled Mardam-bey | 1 Mirc | 2025-04-03 | 5.0 MEDIUM | N/A |
| mIRC DCC server protocol allows remote attackers to gain sensitive information such as alternate IRC nicknames via a "100 testing" message in a DCC connection request that cannot be ignored or canceled by the user, which may leak the alternate nickname in a response message. | |||||
| CVE-2005-1695 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_url parameter to magpie_slashbox.php, or the url parameter to (2) magpie_simple.php or (3) magpie_debug.php. | |||||
| CVE-2006-4803 | 1 Netiq | 1 Identity Manager | 2025-04-03 | 7.2 HIGH | N/A |
| The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | |||||
| CVE-2005-2987 | 1 Digital Scribe | 1 Digital Scribe | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Digital Scribe 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2005-0974 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. | |||||
| CVE-2002-1712 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3. | |||||
| CVE-2002-1735 | 1 Davin Mccall | 1 Dlogin | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in dlogin 1.0a could allow local users to gain privileges via unknown attack vectors. | |||||
| CVE-2002-2016 | 1 User-mode Linux | 1 User-mode Linux | 2025-04-03 | 7.2 HIGH | N/A |
| User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code. | |||||
| CVE-2005-1551 | 1 Sophos | 1 Sophos Anti-virus | 2025-04-03 | 5.1 MEDIUM | N/A |
| Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before the antivirus starts on system reboot. | |||||
| CVE-2001-0998 | 1 Ibm | 2 Aix, Hacmp | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd. | |||||
| CVE-2002-1773 | 1 Mirabilis | 1 Icq For Macos X | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request. | |||||
| CVE-2002-1424 | 1 John G. Myers | 1 Mpack | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2003-0628 | 1 Peoplesoft | 1 Peopletools | 2025-04-03 | 5.0 MEDIUM | N/A |
| PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value. | |||||
| CVE-2004-1503 | 1 Sun | 1 Jre | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative. | |||||
| CVE-2001-0271 | 1 Mailnews.cgi | 1 Mailnews.cgi | 2025-04-03 | 10.0 HIGH | N/A |
| mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters. | |||||
| CVE-2005-1596 | 1 Fusion | 1 Sbx | 2025-04-03 | 10.0 HIGH | N/A |
| index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter. | |||||
| CVE-2005-1937 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 2.6 LOW | N/A |
| A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718. | |||||
| CVE-2001-0555 | 1 Screaming Media | 1 Siteware | 2025-04-03 | 10.0 HIGH | N/A |
| ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. | |||||
| CVE-2001-0792 | 1 Xchat | 1 Xchat | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname. | |||||