Total
29866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4385 | 1 Apple | 1 Quicktime | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image. | |||||
| CVE-2002-0095 | 1 Fraunhofer Fit | 1 Bscw | 2025-04-03 | 7.5 HIGH | N/A |
| The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed. | |||||
| CVE-2004-0407 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | 2.6 LOW | N/A |
| The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish. | |||||
| CVE-1999-1497 | 1 Ipswitch | 1 Imail | 2025-04-03 | 7.2 HIGH | N/A |
| Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. | |||||
| CVE-2001-1087 | 1 Network Appliance | 1 Netcache | 2025-04-03 | 7.5 HIGH | N/A |
| The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device. | |||||
| CVE-2001-0434 | 1 Compaq | 1 Presario | 2025-04-03 | 6.4 MEDIUM | N/A |
| The LogDataListToFile ActiveX function used in (1) Knowledge Center and (2) Back web components of Compaq Presario computers allows remote attackers to modify arbitrary files and cause a denial of service. | |||||
| CVE-2000-0290 | 1 4d | 1 Webstar Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request. | |||||
| CVE-2002-0286 | 1 Sitenews | 1 Sitenews | 2025-04-03 | 7.5 HIGH | N/A |
| The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user. | |||||
| CVE-2002-1866 | 1 Sws | 1 Sws Simple Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, which could allow remote attackers to cause a denial of service (file descriptor exhaustion) via multiple requests for pages that do not exist. | |||||
| CVE-2006-3367 | 1 Mp3netbox | 1 Mp3netbox | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mp3 JudeBox Server (Mp3NetBox) Beta 1 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration. | |||||
| CVE-2005-2025 | 1 Cisco | 8 Vpn 3000 Concentrator, Vpn 3000 Concentrator Series Software, Vpn 3005 Concentrator Software and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname. | |||||
| CVE-1999-0992 | 1 Hp | 1 Vvos | 2025-04-03 | 10.0 HIGH | N/A |
| HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). | |||||
| CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. | |||||
| CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 5.0 MEDIUM | N/A |
| The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | |||||
| CVE-2005-0331 | 1 Rarlab | 1 Winrar | 2025-04-03 | 2.6 LOW | N/A |
| Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filename of the ZIP file. | |||||
| CVE-2005-0448 | 1 Larry Wall | 1 Perl | 2025-04-03 | 1.2 LOW | N/A |
| Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452. | |||||
| CVE-2002-0691 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. | |||||
| CVE-2006-4784 | 1 Moodle | 1 Moodle | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php. | |||||
| CVE-2005-0212 | 1 Amp | 1 Amp Ii 3d Game Engine | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero byte UDP packet. | |||||
| CVE-2004-1358 | 1 Sun | 1 Solaris | 2025-04-03 | 5.0 MEDIUM | N/A |
| The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. | |||||