Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0708 | 1 Pragma Systems | 1 Telnetserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port. | |||||
| CVE-2003-1145 | 1 Openautoclassifieds | 1 Openautoclassifieds | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter. | |||||
| CVE-2005-2039 | 1 Nanoblogger | 1 Nanoblogger | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in "various plugins" for NanoBlogger 3.2.1 and earlier allows remote attackers to execute arbitrary commands. | |||||
| CVE-2000-0942 | 1 Microsoft | 1 Indexing Service | 2025-04-03 | 5.1 MEDIUM | N/A |
| The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability. | |||||
| CVE-2006-2287 | 1 Vision Source | 1 Vision Source Cms | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Vision Source 0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the fields in a user's profile. | |||||
| CVE-2005-3085 | 1 Riverdark Studios | 1 Rss Syndicator Module | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters. | |||||
| CVE-2001-0457 | 1 Debian | 1 Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion). | |||||
| CVE-2003-0491 | 1 Mytutorials | 1 Tutorials | 2025-04-03 | 7.5 HIGH | N/A |
| The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file. | |||||
| CVE-2004-2501 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection. | |||||
| CVE-2006-1235 | 1 David Ravenscroft | 1 Hithost | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin/deleteuser.php in HitHost 1.0.0 might allow remote attackers to delete directories (possibly only empty directories) via the $deleteuser variable. NOTE: the initial disclosure for this issue indicated that the researcher was unable to prove this issue; however, this might have been due to certain behaviors of rmdir. | |||||
| CVE-2006-4981 | 1 Symantec | 1 Sygate Network Access Control | 2025-04-03 | 4.6 MEDIUM | N/A |
| Symantec Sygate NAC allows physically proximate attackers to bypass control methods and join a local network by selecting a forged MAC address associated with an exception rule that (1) permits all non-Windows devices or (2) whitelists certain sets of Organizationally Unique Identifiers (OUIs). | |||||
| CVE-2004-2506 | 1 Wikindx | 1 Wikindx | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unparsed web content delivery vulnerability in WIKINDX before 0.9.9g allows remote attackers to obtain sensitive information via a direct HTTP request to the config.inc file. | |||||
| CVE-2005-1839 | 1 Liberum | 1 Liberum Help Desk | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.asp or (2) print.asp or (3) edit parameter to register.asp. | |||||
| CVE-2002-0901 | 1 Amanda | 1 Amanda | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar. | |||||
| CVE-2001-1392 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers. | |||||
| CVE-2000-0371 | 1 Kde | 1 Kde | 2025-04-03 | 1.2 LOW | N/A |
| The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | |||||
| CVE-2000-0160 | 1 Microsoft | 3 Ie, Internet Explorer, Outlook | 2025-04-03 | 7.6 HIGH | N/A |
| The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. | |||||
| CVE-2002-1783 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions. | |||||
| CVE-2005-3688 | 1 Xmb Forum | 1 Xmb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration page. | |||||
| CVE-2004-2469 | 1 Brickhost | 1 Phpscheduleit | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Reservation.class.php for phpScheduleIt 1.01 and earlier allows attackers to modify or delete reservations. | |||||