Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1349 | 1 Xlink Technology | 1 Omni-nfs X Enterprise | 2025-04-03 | 5.0 MEDIUM | N/A |
| NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111. | |||||
| CVE-2002-0295 | 1 Alcatel-lucent | 1 Omnipcx | 2025-04-03 | 4.6 MEDIUM | N/A |
| Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges. | |||||
| CVE-2004-1455 | 1 Xine | 1 Xine-lib | 2025-04-03 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL. | |||||
| CVE-2001-1169 | 1 Bell Communications Research | 1 S Key | 2025-04-03 | 7.5 HIGH | N/A |
| keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo. | |||||
| CVE-2000-0364 | 1 Redhat | 1 Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys. | |||||
| CVE-2003-0510 | 1 Ezbounce | 1 Ezbounce | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the "sessions" command. | |||||
| CVE-1999-1101 | 1 Kab Software | 1 Lydia | 2025-04-03 | 4.6 MEDIUM | N/A |
| Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges. | |||||
| CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
| CVE-2006-1958 | 1 Wired Community Software | 1 Wwwthreads | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote attackers to execute arbitrary SQL commands via (1) the forumreferrer cookie to register.php and (2) the messages parameter in message_list.php. | |||||
| CVE-2002-0217 | 1 Xoops | 1 Xoops | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php. | |||||
| CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2025-04-03 | 7.2 HIGH | N/A |
| Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
| CVE-2006-1801 | 1 Planet Concept | 1 Planetsearch\+ | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in planetsearchplus.php in planetSearch+ allows remote attackers to inject arbitrary web script or HTML via the search_exp parameter. | |||||
| CVE-2002-1349 | 1 Trend Micro | 2 Officescan, Pc-cillin | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 allows local users to execute arbitrary code via a long input string to TCP port 110 (POP3). | |||||
| CVE-2004-1050 | 2 Avaya, Microsoft | 7 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability." | |||||
| CVE-2002-1154 | 1 Stephen Turner | 1 Analog | 2025-04-03 | 5.0 MEDIUM | N/A |
| anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service (disk consumption) by using the command to report updates more frequently and fill the web server error log. | |||||
| CVE-1999-0299 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in FreeBSD lpd through long DNS hostnames. | |||||
| CVE-2006-1575 | 1 Vscripts.pl | 1 Qlnews | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in news.php in QLnews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorx and (2) newsx parameters. | |||||
| CVE-2003-0446 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message. | |||||
| CVE-2006-1339 | 1 Cutephp | 1 Cutenews | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in inc/functions.inc.php in CuteNews 1.4.1 and possibly other versions, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the archive parameter in an HTTP POST or COOKIE request, which bypasses a sanity check that is only applied to a GET request. | |||||
| CVE-2005-3884 | 1 Zainu | 1 Zainu | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the search action in Zainu 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term and (2) start parameters to index.php. | |||||