Total
29805 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1593 | 1 Sct Corporation | 1 Campus Pipeline | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via the utf parameter. | |||||
| CVE-1999-0657 | 2025-04-03 | N/A | N/A | ||
| WinGate is being used. | |||||
| CVE-2006-2659 | 1 Double Precision Incorporated | 1 Courier Mta | 2025-04-03 | 7.8 HIGH | N/A |
| libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding. | |||||
| CVE-2006-2737 | 1 Nukedit | 1 Nukedit | 2025-04-03 | 7.5 HIGH | N/A |
| utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action. | |||||
| CVE-2005-0600 | 1 Cisco | 10 Application And Content Networking Software, Content Delivery Manager, Content Distribution Manager 4630 and 7 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded. | |||||
| CVE-2005-0661 | 1 Woltlab | 1 Burning Board | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) lastvisit cookie. | |||||
| CVE-2004-0003 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking." | |||||
| CVE-2002-1782 | 1 University Of Washington | 1 Uw-imap | 2025-04-03 | 2.1 LOW | N/A |
| The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user. | |||||
| CVE-2006-1592 | 2 X-doom, Zdaemon | 2 X-doom, Zdaemon | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) Zdaemon 1.08.01 and (2) X-Doom allows remote attackers to execute arbitrary code via a long filename argument. | |||||
| CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2025-04-03 | 5.0 MEDIUM | N/A |
| LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | |||||
| CVE-2004-0588 | 1 Usermin | 1 Usermin | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote attackers to insert arbitrary HTML and script via e-mail messages. | |||||
| CVE-2005-1469 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer. | |||||
| CVE-2001-0915 | 1 Berkeley | 1 Pmake | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition. | |||||
| CVE-2005-4452 | 1 Information Call Center | 1 Information Call Center | 2025-04-03 | 5.0 MEDIUM | N/A |
| Information Call Center stores the CallCenterData.mdb database under the web root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords. | |||||
| CVE-2001-0524 | 1 Eeye Digital Security | 1 Securells | 2025-04-03 | 7.5 HIGH | N/A |
| eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier. | |||||
| CVE-2006-0946 | 1 Thomson | 1 Speedtouch | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems running firmware 5.3.2.6.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter to the LocalNetwork page. | |||||
| CVE-2005-4028 | 1 Amember | 1 Amember | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the (1) lamember_login parameter to sendpass.php and (2) login parameter to member.php. | |||||
| CVE-2002-1604 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver. | |||||
| CVE-1999-0580 | 2025-04-03 | 10.0 HIGH | N/A | ||
| The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions. | |||||
| CVE-1999-0162 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | |||||