Total
29866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0958 | 1 Todd Miller | 1 Sudo | 2025-04-03 | 7.2 HIGH | N/A |
| sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack. | |||||
| CVE-2006-3487 | 1 Virtuastore | 1 Virtuastore | 2025-04-03 | 5.0 MEDIUM | N/A |
| VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which allows remote attackers to obtain local database information by directly accessing database/virtuastore.mdb. | |||||
| CVE-2005-4501 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer. | |||||
| CVE-2004-0833 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages. | |||||
| CVE-2001-1239 | 1 Connect Inc. | 1 Powernet Ix | 2025-04-03 | 5.0 MEDIUM | N/A |
| PowerNet IX allows remote attackers to cause a denial of service via a port scan. | |||||
| CVE-2000-0130 | 1 Sco | 1 Unixware | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in SCO scohelp program allows remote attackers to execute commands. | |||||
| CVE-2006-1912 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 5.8 MEDIUM | N/A |
| MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL variable in (1) global.php and (2) inc/init.php, which allows remote attackers to initialize arbitrary variables that are processed by an @extract command, which could then be leveraged to conduct cross-site scripting (XSS) or SQL injection attacks. | |||||
| CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
| CVE-2004-1387 | 1 Apache | 1 Http Server | 2025-04-03 | 2.1 LOW | N/A |
| The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2003-0210 | 1 Cisco | 1 Secure Access Control Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002. | |||||
| CVE-2006-4910 | 1 Cisco | 2 Ids Sensor Software, Ips Sensor Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. | |||||
| CVE-2005-4300 | 1 Libremail | 1 Libremail | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the lire_pop function in pop.c in libremail 1.1.0 and earlier, with compiled with the debug option, allows remote attackers to execute arbitrary code via a crafted e-mail or POP server response. | |||||
| CVE-2005-0663 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary SQL commands via the f parameter. | |||||
| CVE-2005-2287 | 1 Softiacom | 1 Wmailserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a denial of service (application crash) via a large TCP packet with a leading space, possibly triggering a buffer overflow. | |||||
| CVE-2005-1231 | 1 Jaws | 1 Jaws | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the NewTerm function in GlossaryModel.php in JAWS 0.4 allows remote attackers to inject arbitrary web script or HTML via the (1) term or (2) description. | |||||
| CVE-2005-4771 | 1 Trust Digital | 1 Trusted Mobility Suite | 2025-04-03 | 4.6 MEDIUM | N/A |
| Trusted Mobility Agent PC Policy in Trust Digital Trusted Mobility Suite provides a cancel button that bypasses the domain-authentication prompt, which allows local users to sync a handheld (PDA) device despite a policy setting that sync is unauthorized. | |||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2025-04-03 | 1.2 LOW | N/A |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | |||||
| CVE-2004-1687 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter. | |||||
| CVE-2006-0471 | 1 My Little Homepage | 1 My Little Forum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags. | |||||
| CVE-2006-2188 | 1 Cmscout | 1 Cmscout | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CMScout 1.10 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the Body field of a private message (PM), (2) BBCode, or (3) a forum post. | |||||