Total
29870 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1490 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable. | |||||
| CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | |||||
| CVE-1999-1393 | 1 Apple | 1 Macos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. | |||||
| CVE-2003-0079 | 1 Hanterm | 1 Hanterm-xf | 2025-04-03 | 2.1 LOW | N/A |
| The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | |||||
| CVE-2000-0050 | 1 Allaire | 1 Spectra | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. | |||||
| CVE-2003-0071 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 2.1 LOW | N/A |
| The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | |||||
| CVE-2006-3481 | 1 Joomla | 1 Joomla | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission". | |||||
| CVE-2002-0656 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. | |||||
| CVE-2002-0932 | 1 Luis Bernardo | 1 Myhelpdesk | 2025-04-03 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog. | |||||
| CVE-2005-3911 | 1 Bosdev | 1 Bosdates | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) category parameters. | |||||
| CVE-2002-2039 | 1 Qnx | 1 Rtos | 2025-04-03 | 2.1 LOW | N/A |
| /bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal. | |||||
| CVE-2001-1283 | 1 Ipswitch | 1 Imail | 2025-04-03 | 7.5 HIGH | N/A |
| The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code. | |||||
| CVE-2002-2104 | 1 Ganglia | 1 Php Rrd Web Client | 2025-04-03 | 7.5 HIGH | N/A |
| graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers to execute arbitrary commands via the command parameter, which is provided to the passthru function. | |||||
| CVE-1999-0911 | 1 Proftpd Project | 1 Proftpd | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. | |||||
| CVE-2002-0027 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874. | |||||
| CVE-2006-3205 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2025-04-03 | 5.0 MEDIUM | N/A |
| Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that does not vary across sessions. | |||||
| CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2025-04-03 | 5.0 MEDIUM | N/A |
| LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | |||||
| CVE-2005-4039 | 1 Web4future | 1 Portal Solutions | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter. | |||||
| CVE-2001-1509 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges. | |||||
| CVE-2004-1385 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 5.0 MEDIUM | N/A |
| phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain sensitive information via (1) unexpected characters in the session ID such as shell metacharacters, (2) an invalid appname parameter to preferences.php or (3) an invalid menuaction parameter to index.php, which reveals the web server path in an error message. | |||||