Total
29867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1087 | 1 Hp | 1 Hp-ux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic. | |||||
| CVE-2004-1525 | 1 New Media Generation | 1 Hired Team Trial | 2025-04-03 | 5.0 MEDIUM | N/A |
| Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (application crash) via the status command. | |||||
| CVE-2004-1817 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke 7.1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Your Name field, (2) e-mail field, (3) nicname field, (4) fname parameter, (5) ratenum parameter, or (6) search field. | |||||
| CVE-2005-2252 | 1 Gianluca Baldo | 1 Phpauction | 2025-04-03 | 7.5 HIGH | N/A |
| PhpAuction 2.5 allows remote attackers to bypass authentication and gain privileges as another user by setting the PHPAUCTION_RM_ID cookie to the user ID. | |||||
| CVE-2003-0590 | 1 Splatt | 1 Splatt Forum | 2025-04-03 | 7.1 HIGH | N/A |
| Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field. | |||||
| CVE-2004-2479 | 1 National Science Foundation | 1 Squid Web Proxy Cache | 2025-04-03 | 5.0 MEDIUM | N/A |
| Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages. | |||||
| CVE-2006-0637 | 1 Qualcomm | 1 Eudora Worldmail | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than CVE-2005-4267, so it might be a different vulnerability than CVE-2005-4267. | |||||
| CVE-2005-1046 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file. | |||||
| CVE-2005-2952 | 1 Subscribe Me Pro | 1 Subscribe Me Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in s.pl in Subscribe Me Pro 2.044.09P and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. | |||||
| CVE-2006-1116 | 1 Ncipher | 1 Ncore | 2025-04-03 | 5.0 MEDIUM | N/A |
| The CBC-MAC integrity functions in the nCipher nCore API before 2.18 transmit the initialization vector IV as part of a message when the implementation uses a non-zero IV, which allows remote attackers to bypass integrity checks and modify messages without being detected. | |||||
| CVE-2005-4062 | 1 Xcent | 1 Xcclassified | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CPSearch.asp in XcClassified 3.x allows remote attackers to inject arbitrary web script or HTML via the search parameters. | |||||
| CVE-2005-3618 | 1 Vmware | 1 Esx | 2025-04-03 | 7.6 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in the management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 allows allows remote attackers to perform unauthorized actions as the administrator via URLs, as demonstrated using the setUsr operation to change a password. NOTE: this issue can be leveraged with CVE-2005-3619 to automatically perform the attacks. | |||||
| CVE-2002-2087 | 1 Borland Software | 1 Interbase | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | |||||
| CVE-2000-0830 | 1 Microsoft | 1 Webtv | 2025-04-03 | 5.0 MEDIUM | N/A |
| annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a large, malformed UDP packet to ports 22701 through 22705. | |||||
| CVE-1999-1377 | 1 Matt Wright | 1 Download.cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |||||
| CVE-2003-1117 | 1 Realnetworks | 2 Realsystem Proxy, Realsystem Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL error handling, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-1999-0167 | 1 Sun | 1 Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. | |||||
| CVE-2005-1810 | 1 Wordpress | 1 Wordpress | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php. | |||||
| CVE-2001-0286 | 1 A1webserver | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in A1 HTTP server 1.0a allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request. | |||||
| CVE-2006-0655 | 1 Hinton Design | 1 Phpht Topsites | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) link_edited.php and (2) link_added.php in Hinton Design phpht Topsites 1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||