Total
29866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2002 | 1 Compaq | 1 Tru64 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables. | |||||
| CVE-2005-2061 | 1 Ubbcentral | 1 Ubb.threads | 2025-04-03 | 5.0 MEDIUM | N/A |
| Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte. | |||||
| CVE-2006-3735 | 1 Mail2forum | 1 Mail2forum | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Mail2Forum (module for phpBB) 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the m2f_root_path parameter to (1) m2f/m2f_phpbb204.php, (2) m2f/m2f_forum.php, (3) m2f/m2f_mailinglist.php or (4) m2f/m2f_cron.php. | |||||
| CVE-2004-1947 | 1 Softwin | 1 Bitdefender | 2025-04-03 | 5.0 MEDIUM | N/A |
| The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab. | |||||
| CVE-2006-0198 | 1 Xoops | 1 Xoops Pool Module | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote attackers to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment. | |||||
| CVE-2002-1183 | 1 Microsoft | 3 Windows 98, Windows 98se, Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862). | |||||
| CVE-2006-3752 | 1 Professional Home Page Tools | 1 Professional Home Page Tools Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip, or (5) text parameters. | |||||
| CVE-2005-1792 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RPC cache. | |||||
| CVE-2005-4756 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 7.5 HIGH | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not properly validate derived Principals with multiple PrincipalValidators, which might allow attackers to gain privileges. | |||||
| CVE-2000-0797 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option. | |||||
| CVE-2003-0145 | 1 Lbl | 1 Tcpdump | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093. | |||||
| CVE-2004-1544 | 1 Jspwiki | 1 Jspwiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and earlier allows remote attackers to execute arbitrary web script as other users via the query parameter. | |||||
| CVE-2006-0554 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 1.7 LOW | N/A |
| Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data. | |||||
| CVE-2002-0164 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2025-04-03 | 4.6 MEDIUM | N/A |
| Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges. | |||||
| CVE-2001-0562 | 1 Drummond Miles | 1 A1stats | 2025-04-03 | 7.5 HIGH | N/A |
| a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to execute commands via a specially crafted URL which includes shell metacharacters. | |||||
| CVE-2004-0636 | 1 Aol | 1 Instant Messenger | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. | |||||
| CVE-2003-1114 | 1 Mediatrix Telecom | 1 Voip Access Devices And Gateways | 2025-04-03 | 7.5 HIGH | N/A |
| The Session Initiation Protocol (SIP) implementation in Mediatrix Telecom VoIP Access Devices and Gateways running SIPv2.4 and SIPv4.3 firmware allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||||
| CVE-2005-1404 | 1 Myphp Forum | 1 Myphp Forum | 2025-04-03 | 5.0 MEDIUM | N/A |
| MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php. | |||||
| CVE-2006-3180 | 1 Swsoft | 1 Confixx | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter. | |||||
| CVE-2005-0415 | 1 Ulrik Petersen | 1 Emdros Database Engine | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple memory leaks in the MQL parser in Emdros before 1.1.22 allow remote attackers to cause a denial of service (memory consumption) via malformed MQL statements. | |||||