Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1725 | 1 John Bradley | 1 Xv | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image file. | |||||
| CVE-2006-2202 | 1 Invision Power Services | 1 Invision Gallery | 2025-04-03 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in post.php in Invision Gallery 2.0.6 allows remote attackers to execute arbitrary SQL commands via the album parameter. | |||||
| CVE-2005-3085 | 1 Riverdark Studios | 1 Rss Syndicator Module | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters. | |||||
| CVE-2005-4137 | 1 Fad Solutions | 1 Drzes Hms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows remote attackers to execute arbitrary SQL commands via the invoiceID parameter. | |||||
| CVE-2005-4085 | 1 Bluecoat | 2 Proxyav, Webproxy | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. | |||||
| CVE-2006-3155 | 1 Thinkfactory | 1 Ultimate Estate | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ultimate Auction 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) item parameter in (a) emailtofriend.pl or (b) violation.pl, (2) seller parameter in (c) vsoa.pl, (3) user parameter in (d) userask.pl or (e) leavefeed.pl, (4) itemnum parameter in userask.pl, (5) category parameter in (f) itemlist.pl, and the (6) query parameter in (g) search.pl. | |||||
| CVE-2000-0377 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability. | |||||
| CVE-2006-3683 | 1 Flipper Poll | 1 Flipper Poll | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | |||||
| CVE-2006-0888 | 1 Invision Power Services | 1 Invision Power Board | 2025-04-03 | 2.6 LOW | N/A |
| index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attackers to cause an unspecified denial of service by registering a large number of users. | |||||
| CVE-2001-0939 | 1 Lotus | 1 Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino 5.08 and earlier allows remote attackers to cause a denial of service (crash) via a SunRPC NULL command to port 443. | |||||
| CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | |||||
| CVE-2004-2359 | 1 Dell | 1 Truemobile 1300 Wlan Mini-pci Card Util Trayapplet | 2025-04-03 | 10.0 HIGH | N/A |
| Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality. | |||||
| CVE-2002-1966 | 1 My Postcards | 1 My Postcards Platinum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2006-0315 | 1 Indexcor | 1 Ezdatabase | 2025-04-03 | 5.8 MEDIUM | N/A |
| index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure. | |||||
| CVE-2005-4252 | 1 Mcgallery | 1 Mcgallery Pro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters. | |||||
| CVE-2001-1399 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | |||||
| CVE-2002-0861 | 1 Microsoft | 2 Office Web Components, Project | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object. | |||||
| CVE-2005-2300 | 1 Skype Technologies | 1 Skype | 2025-04-03 | 2.1 LOW | N/A |
| Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file. | |||||
| CVE-2002-2033 | 1 Faqmanager | 1 Faqmanager.cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00). | |||||
| CVE-2001-0769 | 1 Steve Poulsen | 1 Guildftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character. | |||||