Total: 29557 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1410 | 2 Ben Chivers, Easy Scripts Archive | 2 Ben Chivers Guestbook, Easy Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi. | |||||
CVE-2005-1302 | 1 Swsoft | 1 Confixx | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field. | |||||
CVE-2006-3653 | 1 Microsoft | 1 Works | 2025-04-03 | 2.6 LOW | N/A |
wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files. | |||||
CVE-2005-1606 | 1 Positive Software | 1 H-sphere Winbox | 2025-04-03 | 4.6 MEDIUM | N/A |
H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such as username and password in plaintext in world-readable log files, which allows local users to gain privileges. | |||||
CVE-2001-1451 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests. | |||||
CVE-2003-0424 | 1 Apple | 1 Darwin Streaming Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi. | |||||
CVE-2005-3628 | 1 Xpdf | 1 Xpdf | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors. | |||||
CVE-2001-0359 | 2 Sierra, Valve Software | 2 Half-life, Half-life Dedicated Server | 2025-04-03 | 7.5 HIGH | N/A |
Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command. | |||||
CVE-2002-0150 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values. | |||||
CVE-2006-4043 | 1 Mywebland | 1 Mybloggie | 2025-04-03 | 5.0 MEDIUM | N/A |
index.php in myWebland myBloggie 2.1.4 and earlier allows remote attackers to obtain sensitive information via a query that only specifies the viewdate mode, which reveals the table prefix in a SQL error message. | |||||
CVE-2002-1278 | 1 Jacques Gelinas | 1 Linuxconf | 2025-04-03 | 7.5 HIGH | N/A |
The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email. | |||||
CVE-1999-1381 | 1 Dbadmin | 1 Dbadmin | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote attackers to execute arbitrary commands. | |||||
CVE-2006-0617 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 4.0 MEDIUM | N/A |
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues." | |||||
CVE-2003-0213 | 1 Poptop | 1 Pptp Server | 2025-04-03 | 7.5 HIGH | N/A |
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow. | |||||
CVE-2002-2098 | 1 Axspawn | 1 Axspawn | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in axspawn.c in Axspawn-pam before 0.2.1a allows remote attackers to execute arbitrary code via large packets. | |||||
CVE-2006-1110 | 1 Aztek Forum | 1 Aztek Forum | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Aztek Forum 4.0 allows remote attackers to inject arbitrary web script or HTML via the message body in a new message. | |||||
CVE-2006-0609 | 1 Hinton Design | 1 Phphd | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in add.php in Hinton Design phphd 1.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
CVE-2006-3852 | 1 Phptoys | 1 Micro Guestbook | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote attackers to execute arbitrary SQL commands via the (1) name or (2) comment ("text") fields. | |||||
CVE-2004-1744 | 1 Efs Software | 1 Efs Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests. | |||||
CVE-2002-0286 | 1 Sitenews | 1 Sitenews | 2025-04-03 | 7.5 HIGH | N/A |
The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user. |