Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2983 | 1 Enterprise Payroll Systems | 1 Enterprise Payroll Systems | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in cal.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2003-0223 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message. | |||||
| CVE-1999-0004 | 3 Hp, Sco, University Of Washington | 3 Dtmail, Unixware, Pine | 2025-04-03 | 5.0 MEDIUM | N/A |
| MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. | |||||
| CVE-2002-1950 | 1 Phprank | 1 Phprank | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) the email parameter of add.php or (2) the banner URL (banurl parameter) in the main list. | |||||
| CVE-2005-3280 | 1 Paros | 1 Paros | 2025-04-03 | 7.5 HIGH | N/A |
| Paros 3.2.5 uses a default password for the "sa" account in the underlying HSQLDB database and does not restrict access to the local machine, which allows remote attackers to gain privileges. | |||||
| CVE-2004-2350 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter. | |||||
| CVE-2003-0009 | 1 Microsoft | 2 Windows Me, Windows Xp | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. | |||||
| CVE-2006-3692 | 1 Silentweb | 1 Listmessenger | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lm_path variable is set to a constant value. As of 20060726, CVE concurs with the vendor based on SecurityTracker's post-disclosure analysis | |||||
| CVE-1999-0800 | 1 Allaire | 1 Forums | 2025-04-03 | 5.0 MEDIUM | N/A |
| The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm. | |||||
| CVE-2000-0374 | 1 Caldera | 1 Openlinux | 2025-04-03 | 10.0 HIGH | N/A |
| The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions. | |||||
| CVE-2006-3123 | 1 Matt Blaze | 1 Cryptographic File System | 2025-04-03 | 2.1 LOW | N/A |
| Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service (daemon crash) by appending data to a file that is larger than 2 Gb. | |||||
| CVE-2003-0834 | 1 Sco | 2 Open Unix, Unixware | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | |||||
| CVE-2004-1517 | 1 Zonelabs | 1 Imsecure | 2025-04-03 | 7.5 HIGH | N/A |
| Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions. | |||||
| CVE-2002-1916 | 1 Pirch | 2 Pirch Irc, Ruspirch | 2025-04-03 | 5.0 MEDIUM | N/A |
| Pirch and RusPirch, when auto-log is enabled, allows remote attackers to cause a denial of service (crash) via a nickname containing an MS-DOS device name such as AUX, which is inserted into a filename for saving queries. | |||||
| CVE-2003-0255 | 1 Gnu | 1 Privacy Guard | 2025-04-03 | 10.0 HIGH | N/A |
| The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path. | |||||
| CVE-2003-0647 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | |||||
| CVE-2001-1365 | 1 Osi Codes Inc. | 1 Intragnat | 2025-04-03 | 7.5 HIGH | N/A |
| Vulnerability in IntraGnat before 1.4. | |||||
| CVE-2002-1125 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 2.1 LOW | N/A |
| FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory. | |||||
| CVE-2006-4238 | 1 Wtcom | 1 Web Torrent | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in torrents.php in WebTorrent (WTcom) 0.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter in category mode. | |||||
| CVE-2006-0168 | 1 Myphpim | 1 Myphpim | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MyPhPim 01.05 allows remote attackers to inject arbitrary web script or HTML via the description field on the "Create New todo" page. | |||||