Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1828 | 1 Belchior Foundry | 1 Vcard | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php. | |||||
| CVE-2006-3521 | 1 Simian Systems Inc | 1 Siteforge Collaborative Development Platform | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index/siteforge-bugs-action/proj.siteforge in SiteForge Collaborative Development Platform 1.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) _status, (2) _extra1, (3) _extra2, or (4) _extra3 parameters. | |||||
| CVE-2002-0092 | 1 Cvs | 1 Cvs | 2025-04-03 | 5.0 MEDIUM | N/A |
| CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability. | |||||
| CVE-2003-0149 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters. | |||||
| CVE-2004-2023 | 1 Zen Cart | 1 Zen Cart | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters. | |||||
| CVE-1999-0784 | 1 Oracle | 1 Database Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP. | |||||
| CVE-2005-1240 | 1 Castlehill | 1 Secure Net | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the third party tool from Castlehill, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | |||||
| CVE-2003-0108 | 1 Lbl | 1 Tcpdump | 2025-04-03 | 5.0 MEDIUM | N/A |
| isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop. | |||||
| CVE-2002-0655 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2002-0976 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 6.4 MEDIUM | N/A |
| Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. | |||||
| CVE-2005-3767 | 1 Exponent | 1 Exponent | 2025-04-03 | 5.0 MEDIUM | N/A |
| Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote attackers to upload and execute PHP files. | |||||
| CVE-2001-0233 | 3 Debian, Matthew Smith, Redhat | 3 Debian Linux, Micq, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. | |||||
| CVE-2000-0240 | 1 Vqsoft | 1 Vqserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack. | |||||
| CVE-2002-1557 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | |||||
| CVE-2002-0814 | 1 Vmware | 1 Gsx Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument. | |||||
| CVE-2005-4759 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a migration across operating system platforms, do not warn the administrative user about platform differences in URLResource case sensitivity, which might cause local users to inadvertently lose protection of Web Application pages. | |||||
| CVE-2004-2288 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter. | |||||
| CVE-2005-1814 | 1 Newmad Technologies | 1 Picowebserver | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in PicoWebServer 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URL. | |||||
| CVE-2002-1834 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2025-04-03 | 6.4 MEDIUM | N/A |
| The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history. | |||||
| CVE-2004-1530 | 1 Rob Sutton | 1 Php-nuke Event Calendar | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the (1) eid or (2) cid parameters. | |||||