Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2580 | 1 Hp | 1 Openview Network Node Manager | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allow remote attackers to gain privileged access, execute arbitrary commands, or create arbitrary files via unknown vectors. | |||||
| CVE-2005-1794 | 1 Microsoft | 2 Remote Desktop Connection, Windows Terminal Services Using Rdp | 2025-04-03 | 6.4 MEDIUM | N/A |
| Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks. | |||||
| CVE-2003-0935 | 1 Net-snmp | 1 Net-snmp | 2025-04-03 | 6.4 MEDIUM | N/A |
| Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed. | |||||
| CVE-2004-1199 | 1 Apple | 1 Safari | 2025-04-03 | 5.0 MEDIUM | N/A |
| Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | |||||
| CVE-2000-0690 | 1 Cgi Script Center | 1 Auction Weaver | 2025-04-03 | 10.0 HIGH | N/A |
| Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter. | |||||
| CVE-1999-0294 | 1 Microsoft | 1 Wins | 2025-04-03 | 5.0 MEDIUM | N/A |
| All records in a WINS database can be deleted through SNMP for a denial of service. | |||||
| CVE-1999-0691 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||||
| CVE-2003-0488 | 1 Kerio | 1 Kerio Mailserver | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module. | |||||
| CVE-2001-1094 | 1 Crosstec Corporation | 1 Netop School | 2025-04-03 | 4.6 MEDIUM | N/A |
| NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version. | |||||
| CVE-2006-0360 | 1 Mpm | 1 Hp-180w Voip Wifi Phone | 2025-04-03 | 6.4 MEDIUM | N/A |
| MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication. | |||||
| CVE-2006-1386 | 1 Twiki | 1 Twiki | 2025-04-03 | 7.5 HIGH | N/A |
| The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which allows remote attackers to read restricted areas and access restricted content in TWiki topics. | |||||
| CVE-2002-0143 | 2 Enlightenment, Michael Jennings | 2 Imlib, Eterm | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | |||||
| CVE-2000-1101 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack. | |||||
| CVE-2003-1010 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2002-0488 | 1 Linux Directory Penguin | 1 Linux Directory Penguin Traceroute | 2025-04-03 | 10.0 HIGH | N/A |
| Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter. | |||||
| CVE-2002-1539 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments. | |||||
| CVE-2006-4427 | 1 Efiction | 1 Efiction | 2025-04-03 | 5.1 MEDIUM | N/A |
| index.php in eFiction before 2.0.7 allows remote attackers to bypass authentication and gain privileges by setting the (1) adminloggedin, (2) loggedin, and (3) level parameters to "1". | |||||
| CVE-2003-0357 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors. | |||||
| CVE-2005-3180 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2006-2871 | 1 Cyboards | 1 Cyboards Php Lite | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant value | |||||