Total
29867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0219 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | N/A |
| Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service. | |||||
| CVE-2006-2255 | 1 Creative Software | 1 Community Portal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Creative Community Portal 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to (a) ArticleView.php, (2) forum_id parameter to (b) DiscView.php or (c) Discussions.php, (3) event_id parameter to (d) EventView.php, (4) AddVote and (5) answer_id parameter to (e) PollResults.php, or (7) mid parameter to (f) DiscReply.php. | |||||
| CVE-2002-1679 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote attackers to execute arbitrary script as other users by injecting script into a bulletin board message. | |||||
| CVE-2005-3508 | 1 Galerie | 1 Galerie | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showGallery.php in Gallery (Galerie) 2.4 allows remote attackers to execute arbitrary SQL commands via the galid parameter. | |||||
| CVE-2005-4775 | 1 Michael Scholz | 1 Contineo | 2025-04-03 | 5.0 MEDIUM | N/A |
| Michael Scholz and Sebastian Stein Contineo 2.0, when the admin account lacks an e-mail address attribute, displays the password hash in a warning upon page reload, which might allow remote attackers to view the hash. | |||||
| CVE-2000-0610 | 1 Netwin | 2 Cwmail, Dmailweb | 2025-04-03 | 5.0 MEDIUM | N/A |
| NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return. | |||||
| CVE-2004-0708 | 1 Moinmoin | 1 Moinmoin | 2025-04-03 | 7.5 HIGH | N/A |
| MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges. | |||||
| CVE-2006-0376 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place. | |||||
| CVE-1999-0215 | 1 Sgi | 1 Irix | 2025-04-03 | 6.4 MEDIUM | N/A |
| Routed allows attackers to append data to files. | |||||
| CVE-2003-0686 | 2 Dave Airlie, Redhat | 2 Pam Smb, Pam Smb | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code. | |||||
| CVE-2006-4107 | 1 Drupal | 1 Job Search | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Job Search module (job.module) 4.6 before revision 1.3.2.1 in Drupal allows remote attackers to execute arbitrary SQL commands via a job or resume search. | |||||
| CVE-2000-0519 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 2.6 LOW | N/A |
| Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. | |||||
| CVE-2006-4645 | 1 Akarru | 1 Social Bookmarking Engine | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary PHP code via a URL in the bm_content parameter. | |||||
| CVE-1999-0695 | 1 Sybase | 1 Powerdynamo | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack. | |||||
| CVE-2005-1997 | 1 Mcgallery | 1 Mcgallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modified host parameter. | |||||
| CVE-2003-0796 | 1 Sgi | 1 Irix | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled. | |||||
| CVE-2001-0770 | 1 Steve Poulsen | 1 Guildftpd | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to execute arbitrary code via a long SITE command. | |||||
| CVE-2006-4971 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| MyBB (aka MyBulletinBoard) allows remote attackers to obtain sensitive information via a direct request for inc/plugins/hello.php, which reveals the path in an error message. | |||||
| CVE-2006-3250 | 1 Microsoft | 1 Windows Live Messenger | 2025-04-03 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user. | |||||
| CVE-2004-1454 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet. | |||||