Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2563 | 1 Serena Software | 1 Serena Teamtrack | 2025-04-03 | 5.8 MEDIUM | N/A |
| Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters. | |||||
| CVE-2002-1406 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior." | |||||
| CVE-2002-2073 | 1 Microsoft | 3 Site Server, Site Server Commerce, Windows Nt | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp. | |||||
| CVE-2005-1946 | 1 Invision Power Services | 1 Invision Community Blog | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 Final allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to an editentry, replyentry, or editcomment action, or (2) the mid parameter to an aboutme action. | |||||
| CVE-2005-2617 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 3.6 LOW | N/A |
| The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers. | |||||
| CVE-2005-3549 | 1 Invision Power Services | 1 Invision Board | 2025-04-03 | 6.5 MEDIUM | N/A |
| Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in "Task PHP File To Run" field and selecting "Run Task Now". | |||||
| CVE-1999-0164 | 1 Sun | 1 Sunos | 2025-04-03 | 6.2 MEDIUM | N/A |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. | |||||
| CVE-2006-1412 | 1 Tft Gallery | 1 Tft Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| TFT Gallery 0.10 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the admin password file and obtain password hashes via a direct request to admin/passwd. | |||||
| CVE-2006-4504 | 1 Nx5 | 1 Nx5linx | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in NX5Linx 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) c and (2) l parameters. | |||||
| CVE-2006-0418 | 1 Topcmm Computing | 1 123 Flash Chat Server | 2025-04-03 | 7.5 HIGH | N/A |
| Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows attackers to execute arbitrary code via a crafted username. | |||||
| CVE-2005-0379 | 1 Zeroboard | 1 Zeroboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the _zb_path parameter to (1) _head.php or (2) outlogin.php, or the dir parameter to (3) write.php. | |||||
| CVE-2002-1947 | 1 Webmin | 1 Webmin | 2025-04-03 | 6.4 MEDIUM | N/A |
| Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. | |||||
| CVE-2005-3338 | 1 Mantis | 1 Mantis | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users. | |||||
| CVE-1999-1321 | 1 Mit | 1 Kerberos | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing. | |||||
| CVE-2005-0484 | 1 Gproftpd | 1 Gproftpd | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log. | |||||
| CVE-2002-0797 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges. | |||||
| CVE-2002-0614 | 1 Php-survey | 1 Php-survey | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server. | |||||
| CVE-2004-2342 | 1 Burton Sang | 1 Chatterbox | 2025-04-03 | 5.0 MEDIUM | N/A |
| ChatterBox 2.0 allows remote attackers to cause a denial of service (server crash) via a malformed request to the server, as demonstrated using "aaaaaa". | |||||
| CVE-2003-0220 | 1 Kerio | 1 Personal Firewall 2 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet. | |||||
| CVE-2002-1838 | 1 Steve Sachs | 1 Charities.cron | 2025-04-03 | 5.0 MEDIUM | N/A |
| Charities.cron 1.0.2 through 1.6.0 allows local users to write to arbitrary files via a symlink attack on temporary files. | |||||