Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1367 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 4.6 MEDIUM | N/A |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. | |||||
| CVE-2001-1171 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 7.2 HIGH | N/A |
| Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. | |||||
| CVE-2006-1692 | 1 Manic Web | 1 Mwnewsletter | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbitrary SQL commands via the (1) user_email parameter to (a) unsubscribe.php or (b) subscribe.php; or the (2) user_name parameter to subscribe.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information, although it is likely that this was discovered during post-disclosure analysis. | |||||
| CVE-2006-2401 | 1 Outgun | 1 Outgun | 2025-04-03 | 7.8 HIGH | N/A |
| The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which triggers a buffer over-read. | |||||
| CVE-2005-2918 | 1 Gtkdiskfree | 1 Gtkdiskfree | 2025-04-03 | 5.0 MEDIUM | N/A |
| The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the gtkdiskfree temporary file. | |||||
| CVE-2002-0913 | 1 Stephen Hebditch | 1 Slurp | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response. | |||||
| CVE-2004-2337 | 1 Inlook | 1 Inlook | 2025-04-03 | 2.1 LOW | N/A |
| The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials. | |||||
| CVE-2004-0153 | 1 Emil | 1 Emil | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execute arbitrary code by triggering certain error messages. | |||||
| CVE-2002-1289 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | 7.5 HIGH | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code via the getNativeServices function, which creates an instance of the com.ms.awt.peer.INativeServices (INativeServices) class, whose methods do not verify the memory addresses that are passed as parameters. | |||||
| CVE-2005-0719 | 1 Hp | 1 Tru64 | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd. | |||||
| CVE-2003-1148 | 1 Les Visiteurs | 1 Les Visiteurs | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/. | |||||
| CVE-2005-1999 | 1 Php Arena | 1 Pafiledb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sortby or (2) filelist parameters to the category action (category.php), or (3) pages parameter in the viewall action (viewall.php). | |||||
| CVE-2006-4982 | 1 Cisco | 1 Network Access Control | 2025-04-03 | 4.6 MEDIUM | N/A |
| Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address of a disconnected printer. | |||||
| CVE-2004-1160 | 1 Netscape | 1 Navigator | 2025-04-03 | 7.5 HIGH | N/A |
| Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | |||||
| CVE-2005-3123 | 1 Gnu | 1 Gnump3d | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. | |||||
| CVE-2005-2804 | 1 Novell | 1 Groupwise | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key. | |||||
| CVE-2003-1256 | 1 E-theni | 1 E-theni | 2025-04-03 | 6.8 MEDIUM | N/A |
| aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. | |||||
| CVE-2001-1277 | 1 Wolfram Schneider | 1 Makewhatis | 2025-04-03 | 2.1 LOW | N/A |
| makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters. | |||||
| CVE-2003-1053 | 1 Xshisen | 1 Xshisen | 2025-04-03 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable. | |||||
| CVE-2006-3950 | 1 X-scripts | 1 X-statistics | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in x-statistics.php in X-Scripts X-Statistics 1.20 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | |||||