Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1735 | 1 Davin Mccall | 1 Dlogin | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in dlogin 1.0a could allow local users to gain privileges via unknown attack vectors. | |||||
| CVE-2002-2016 | 1 User-mode Linux | 1 User-mode Linux | 2025-04-03 | 7.2 HIGH | N/A |
| User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code. | |||||
| CVE-2005-1551 | 1 Sophos | 1 Sophos Anti-virus | 2025-04-03 | 5.1 MEDIUM | N/A |
| Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before the antivirus starts on system reboot. | |||||
| CVE-2001-0998 | 1 Ibm | 2 Aix, Hacmp | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd. | |||||
| CVE-2002-1773 | 1 Mirabilis | 1 Icq For Macos X | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request. | |||||
| CVE-2002-1424 | 1 John G. Myers | 1 Mpack | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2003-0628 | 1 Peoplesoft | 1 Peopletools | 2025-04-03 | 5.0 MEDIUM | N/A |
| PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value. | |||||
| CVE-2004-1503 | 1 Sun | 1 Jre | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative. | |||||
| CVE-2001-0271 | 1 Mailnews.cgi | 1 Mailnews.cgi | 2025-04-03 | 10.0 HIGH | N/A |
| mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters. | |||||
| CVE-2005-1596 | 1 Fusion | 1 Sbx | 2025-04-03 | 10.0 HIGH | N/A |
| index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter. | |||||
| CVE-2005-1937 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 2.6 LOW | N/A |
| A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718. | |||||
| CVE-2001-0555 | 1 Screaming Media | 1 Siteware | 2025-04-03 | 10.0 HIGH | N/A |
| ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. | |||||
| CVE-2001-0792 | 1 Xchat | 1 Xchat | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname. | |||||
| CVE-1999-0526 | 1 X.org | 1 X11 | 2025-04-03 | 10.0 HIGH | N/A |
| An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server. | |||||
| CVE-1999-1341 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
| Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices. | |||||
| CVE-2006-3531 | 1 Pivot | 1 Pivot | 2025-04-03 | 7.5 HIGH | N/A |
| includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters. | |||||
| CVE-2005-1524 | 1 The Cacti Group | 1 Cacti | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter. | |||||
| CVE-2006-2968 | 1 Php Labware | 1 Labwiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHP Labware LabWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input box (query parameter). | |||||
| CVE-2005-0523 | 1 Prozilla | 1 Prozilla Download Accelerator | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. | |||||
| CVE-2005-2195 | 1 Apple | 1 Darwin Streaming Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502. | |||||