Total
29867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0014 | 1 Michael Lamont | 1 Savant Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in Savant web server via a null character in the requested URL. | |||||
| CVE-2002-1988 | 1 Caucho Technology | 1 Resin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources. | |||||
| CVE-2001-0825 | 1 Xinetd | 1 Xinetd | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check. | |||||
| CVE-1999-0404 | 1 Smartmax Software | 1 Mailmax | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. | |||||
| CVE-2004-1524 | 1 New Media Generation | 1 Hired Team Trial | 2025-04-03 | 5.0 MEDIUM | N/A |
| Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (game interruption) via a malformed UDP packet sent to a game port, such as port 29200. | |||||
| CVE-2005-1057 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet." | |||||
| CVE-2001-0378 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 2.1 LOW | N/A |
| readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. | |||||
| CVE-2002-0783 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL. | |||||
| CVE-1999-0754 | 1 Isc | 1 Inn | 2025-04-03 | 10.0 HIGH | N/A |
| The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. | |||||
| CVE-2005-3448 | 1 Oracle | 1 Application Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS01. | |||||
| CVE-1999-0464 | 1 Tripwire | 1 Tripwire | 2025-04-03 | 2.1 LOW | N/A |
| Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. | |||||
| CVE-2000-0964 | 1 Siemens | 1 Hinet Lp | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
| CVE-2005-4304 | 1 Indexcor | 1 Ezdatabase | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php in ezDatabase 2.1.2 and earlier allows remote attackers to obtain sensitive information via an invalid cat_id parameter, which leaks the full pathname in an error message. NOTE: these details are uncertain because the original report has terminology problems and lack of relevant details. The description is based partially on feedback comments. | |||||
| CVE-2004-2273 | 1 Evan Sims | 1 Effingerd | 2025-04-03 | 5.0 MEDIUM | N/A |
| efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a packet with a single byte, which triggers a "Wrong protocol or connection state" error. | |||||
| CVE-2005-4409 | 1 Mmbase | 1 Mmbase | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MMBase 1.7.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | |||||
| CVE-2006-2842 | 1 Squirrelmail | 1 Squirrelmail | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there might be relevant real-world environments under which this vulnerability is applicable | |||||
| CVE-2006-2211 | 1 321soft | 1 Php-gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to browse arbitrary directories via the path parameter. | |||||
| CVE-2001-1261 | 1 Avaya | 1 Argent Office | 2025-04-03 | 5.0 MEDIUM | N/A |
| Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | |||||
| CVE-2005-3096 | 1 Avi Alkalay | 1 Nslookup.cgi | 2025-04-03 | 7.5 HIGH | N/A |
| Avi Alkalay nslookup.cgi program, dated 16 June 2002, allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter. | |||||
| CVE-2004-0355 | 1 Invision Power Services | 1 Invision Board | 2025-04-03 | 5.0 MEDIUM | N/A |
| Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message. | |||||