Total
29867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1190 | 1 Suse | 1 Suse Linux | 2025-04-03 | 2.1 LOW | N/A |
| SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices. | |||||
| CVE-2004-1618 | 1 Vypress | 1 Tonecast | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed mp2 stream. | |||||
| CVE-2005-1081 | 1 Azerbaijan Development Group | 1 Azdgdating | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2000-1152 | 1 Be | 1 Beos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2005-4814 | 1 Middlebury College | 1 Segue Cms | 2025-04-03 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory. | |||||
| CVE-2002-0463 | 1 Arsc Really Simple Chat | 1 Arsc Really Simple Chat | 2025-04-03 | 5.0 MEDIUM | N/A |
| home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message. | |||||
| CVE-2002-0087 | 1 Lotus | 1 Domino | 2025-04-03 | 2.1 LOW | N/A |
| bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2006-0826 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request. | |||||
| CVE-2001-1488 | 1 Open Projects Network | 1 Open Projects Network Ircd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the daemon. | |||||
| CVE-2003-1363 | 1 Aprelium Technologies | 1 Abyss Web Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection. | |||||
| CVE-2006-1736 | 1 Mozilla | 4 Firefox, Mozilla Suite, Seamonkey and 1 more | 2025-04-03 | 2.6 LOW | N/A |
| Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename. | |||||
| CVE-1999-1174 | 1 Iomega | 1 Zip 100 Mb Drive | 2025-04-03 | 4.6 MEDIUM | N/A |
| ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk. | |||||
| CVE-2002-0616 | 1 Microsoft | 2 Excel, Office | 2025-04-03 | 5.1 MEDIUM | N/A |
| The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability." | |||||
| CVE-2006-0048 | 1 Francesco Stablum | 1 Tcpick | 2025-04-03 | 5.0 MEDIUM | N/A |
| Francesco Stablum tcpick 0.2.1 allows remote attackers to cause a denial of service (segmentation fault) via certain fragmented packets, possibly involving invalid headers and an attacker-controlled payload length. NOTE: this issue might be a buffer overflow or overread. | |||||
| CVE-2004-2654 | 1 Squid | 1 Squid | 2025-04-03 | 5.0 MEDIUM | N/A |
| The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a buffer overflow that was not fixed in STABLE6. However, the vendor's bug report clearly shows that the researcher later retracted this claim, because the tested product was actually STABLE5. | |||||
| CVE-2001-0162 | 1 Microsoft | 1 Windows Embedded Compact | 2025-04-03 | 7.5 HIGH | N/A |
| WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | |||||
| CVE-2003-0335 | 1 Slackware | 1 Slackware Linux | 2025-04-03 | 7.5 HIGH | N/A |
| rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. | |||||
| CVE-1999-0922 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file. | |||||
| CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | |||||
| CVE-2005-2313 | 1 Checkpoint | 1 Secureclient Ng | 2025-04-03 | 7.2 HIGH | N/A |
| Check Point SecuRemote NG with Application Intelligence R54 allows attackers to obtain credentials and gain privileges via unknown attack vectors. | |||||