Total
5476 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2112 | 2 Dell, Fuji Xerox | 19 3000cn, 3010cn, 3100cn and 16 more | 2025-04-03 | 7.5 HIGH | N/A |
| Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP printing interface as a proxy ("FTP bounce") by using arbitrary PORT arguments to connect to systems for which access would be otherwise restricted. | |||||
| CVE-2004-2694 | 1 Microsoft | 1 Outlook Express | 2025-04-03 | 5.8 MEDIUM | N/A |
| Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top". | |||||
| CVE-2006-3733 | 1 Cisco | 1 Security Monitoring Analysis And Response System | 2025-04-03 | 7.5 HIGH | N/A |
| jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator and execute arbitrary Java code via an invokeOp action in the BSHDeployer jboss.scripts service name. | |||||
| CVE-2006-2530 | 1 Snitz Communications | 2 Avatar Mod, Snitz Forums 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| avatar_upload.asp in Avatar MOD 1.3 for Snitz Forums 3.4, and possibly other versions, allows remote attackers to bypass file type checks and upload arbitrary files via a null byte in the file name, as discovered by the Codescan product. | |||||
| CVE-2003-1081 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. | |||||
| CVE-2005-2959 | 1 Todd Miller | 1 Sudo | 2025-04-03 | 4.6 MEDIUM | N/A |
| Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are. | |||||
| CVE-2004-2743 | 1 Raditha Dissanayake | 1 Mega Upload Progress Bar | 2025-04-03 | 6.4 MEDIUM | N/A |
| upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files. | |||||
| CVE-2003-0857 | 1 Redhat | 1 Enterprise Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||||
| CVE-2006-2095 | 1 Phex | 1 Phex | 2025-04-03 | 5.0 MEDIUM | N/A |
| Phex before 2.8.6 allows remote attackers to cause a denial of service (application hang) by initiating multiple chat requests to a single user and then logging off. | |||||
| CVE-2004-2699 | 1 Aspdotnetstorefront | 1 Aspdotnetstorefront | 2025-04-03 | 4.3 MEDIUM | N/A |
| deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter. | |||||
| CVE-2002-2270 | 1 Hp | 1 Hp-ux | 2025-04-03 | 3.6 LOW | N/A |
| Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | |||||
| CVE-2002-2320 | 1 Mysimplenews | 1 Mysimplenews | 2025-04-03 | 7.8 HIGH | N/A |
| MySimpleNews 1.0 allows remote attackers to delete arbitrary email messages via a direct request to vider.php3. | |||||
| CVE-2005-0735 | 1 Newsscript.co.uk | 1 Newsscript | 2025-04-03 | 10.0 HIGH | N/A |
| newsscript.pl for NewsScript allows remote attackers to gain privileges by setting the mode parameter to admin. | |||||
| CVE-2003-1552 | 1 Graeme | 1 Uploader | 2025-04-03 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/. | |||||
| CVE-2004-2729 | 1 Hummingbird | 1 Connectivity | 2025-04-03 | 4.4 MEDIUM | N/A |
| Inetd32 Administration Tool of Hummingbird Connectivity 7.1 and 9.0 allows local users to execute arbitrary code by changing the program for handling incoming connections. | |||||
| CVE-2006-1735 | 1 Mozilla | 4 Firefox, Mozilla Suite, Seamonkey and 1 more | 2025-04-03 | 9.3 HIGH | N/A |
| Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges. | |||||
| CVE-2005-1753 | 1 Sun | 1 Javamail | 2025-04-03 | 5.0 MEDIUM | N/A |
| ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products. | |||||
| CVE-2002-2363 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. | |||||
| CVE-1999-0496 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.2 HIGH | N/A |
| A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. | |||||
| CVE-2005-2938 | 1 Apple | 1 Itunes | 2025-04-03 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file. | |||||