Total
29805 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1919 | 1 Crackalaka | 1 Crackalaka | 2025-04-03 | 5.0 MEDIUM | N/A |
| The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote attackers to cause a denial of service (crash) via large malformed strings. | |||||
| CVE-2002-0484 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system. | |||||
| CVE-2005-4318 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and earlier, with register_globals off, allows remote attackers to execute arbitrary SQL commands via the _SERVER[REMOTE_ADDR] parameter, which modifies the underlying $_SERVER variable. | |||||
| CVE-1999-0722 | 1 Sun | 1 Cobalt Raq 2 | 2025-04-03 | 10.0 HIGH | N/A |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. | |||||
| CVE-2005-2159 | 1 Planetdns | 1 Planetfileserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote attackers to cause a denial of service (application crash) via a long request. | |||||
| CVE-2002-1492 | 1 Cisco | 1 Vpn 5000 Client | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel. | |||||
| CVE-2005-1206 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability." | |||||
| CVE-2006-1980 | 1 W2b | 1 Online Banking | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang parameter. | |||||
| CVE-2001-0466 | 1 Microburst | 1 Ustorekeeper Online Shopping System | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2005-0588 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system. | |||||
| CVE-2001-1108 | 1 Snapstream | 1 Pvs | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a .. (dot dot) attack in the requested URL. | |||||
| CVE-2001-0095 | 1 Sun | 1 Sunos | 2025-04-03 | 1.2 LOW | N/A |
| catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file. | |||||
| CVE-2001-0564 | 1 Apc | 1 Ap9606 | 2025-04-03 | 5.0 MEDIUM | N/A |
| APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporarily locks the card. | |||||
| CVE-2002-1822 | 1 Ibm | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page (JSP). | |||||
| CVE-2006-3383 | 1 Mads | 1 Mads | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover within a URL. NOTE: the provenance of this information is unknown; the details are obtained solely from third party reports. | |||||
| CVE-2005-3919 | 1 Pblang | 1 Pblang | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PBLang 4.65 allows remote attackers to inject arbitrary web script or HTML via multiple fields in (1) UCP.php and (2) SendPm.php. | |||||
| CVE-2005-3728 | 1 Revize Cms | 1 Revize Cms | 2025-04-03 | 5.0 MEDIUM | N/A |
| Idetix Software Systems Revize CMS stores conf/revize.xml under the web document root with insufficient access control, which allows remote attackers to obtain sensitive configuration information. | |||||
| CVE-2005-0847 | 1 Code Ocean | 1 Ocean Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Code Ocean FTP server 1.0 allows remote attackers to cause a denial of service via a large number of connections. | |||||
| CVE-2006-0429 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 2.1 LOW | N/A |
| BEA WebLogic Server and WebLogic Express 9.0 causes new security providers to appear active even if they have not been activated by a server reboot, which could cause an administrator to perform inappropriate, security-relevant actions. | |||||
| CVE-2002-0259 | 1 Instantservers Inc. | 1 Miniportal | 2025-04-03 | 4.6 MEDIUM | N/A |
| InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges. | |||||