Total: 29559 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0069 | 1 Putty | 1 Putty | 2025-04-03 | 7.5 HIGH | N/A |
The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
CVE-2005-4155 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | 7.5 HIGH | N/A |
registration.php in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a vulnerability in ATutor. | |||||
CVE-2005-3244 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||||
CVE-2005-4326 | 1 Apc | 1 Powerchute Network Shutdown | 2025-04-03 | 5.0 MEDIUM | N/A |
The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote attackers to sniff authentication credentials. | |||||
CVE-2004-1964 | 1 Freshmeat | 1 Network Query Tool | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to inject arbitrary web script or HTML via the portNum parameter. | |||||
CVE-2006-0142 | 1 Andromeda Software | 1 Andromeda | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in andromeda.php in Andromeda 1.9.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2006-2698 | 1 Geeklog | 1 Geeklog | 2025-04-03 | 7.8 HIGH | N/A |
Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invalid arguments to (1) layout/professional/functions.php or (2) getimage.php. | |||||
CVE-2002-1016 | 1 Adobe | 1 Digital Editions | 2025-04-03 | 4.6 MEDIUM | N/A |
Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files. | |||||
CVE-2006-0241 | 1 Webmobo | 1 Wbnews | 2025-04-03 | 5.0 MEDIUM | N/A |
Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Name field. | |||||
CVE-2003-1200 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 7.5 HIGH | N/A |
Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi. | |||||
CVE-2005-0393 | 1 Crip | 1 Crip | 2025-04-03 | 7.2 HIGH | N/A |
The helper scripts for crip 3.5 do not properly use temporary files, which allows local users to have an unknown impact with unknown attack vectors. | |||||
CVE-2001-1447 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.2 HIGH | N/A |
NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges. | |||||
CVE-2004-0502 | 1 Microsoft | 1 Outlook | 2025-04-03 | 5.0 MEDIUM | N/A |
Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI. | |||||
CVE-2000-0063 | 1 Nortel | 1 Contivity | 2025-04-03 | 5.0 MEDIUM | N/A |
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | |||||
CVE-2003-1105 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 2.6 LOW | N/A |
Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered. | |||||
CVE-1999-1533 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 7.5 HIGH | N/A |
Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service. | |||||
CVE-1999-0640 | | | 2025-04-03 | 10.0 HIGH | N/A |
The Gopher service is running. | |||||
CVE-1999-1471 | 1 Bsd | 1 Bsd | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field. | |||||
CVE-2005-1720 | 1 Apple | 1 Afp Server | 2025-04-03 | 2.1 LOW | N/A |
AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL. | |||||
CVE-2006-3126 | 1 Julian Pawlowski | 1 Capi4hylafax | 2025-04-03 | 7.5 HIGH | N/A |
c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number. | |||||