Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0234 | 1 Juniper | 1 Netscreen Screenos | 2025-04-03 | 2.1 LOW | N/A |
| NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections. | |||||
| CVE-2006-3490 | 1 F-secure | 3 F-secure Anti-virus, F-secure Internet Security, F-secure Service Platform For Service Providers | 2025-04-03 | 5.0 MEDIUM | N/A |
| F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls. | |||||
| CVE-2001-0139 | 5 Caldera, Debian, Immunix and 2 more | 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more | 2025-04-03 | 1.2 LOW | N/A |
| inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
| CVE-2002-0549 | 1 Anthill | 1 Anthill | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users. | |||||
| CVE-2001-0547 | 1 Microsoft | 1 Isa Server | 2025-04-03 | 2.1 LOW | N/A |
| Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial of service (resource exhaustion). | |||||
| CVE-2006-2882 | 1 Aspscriptz | 1 Aspscriptz Guest Book | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPScriptz Guest Book 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) GBOOK_UNAME, (2) GBOOK_EMAIL, (3) GBOOK_CITY, (4) GBOOK_COU, (5) GBOOK_WWW, and (6) GBOOK_MESS form fields. | |||||
| CVE-2000-1234 | 1 Phorum | 1 Phorum | 2025-04-03 | 5.0 MEDIUM | N/A |
| violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters. | |||||
| CVE-2005-1299 | 1 Inserter.cgi | 1 Inserter.cgi | 2025-04-03 | 10.0 HIGH | N/A |
| The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | |||||
| CVE-2006-1948 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 4.0 MEDIUM | N/A |
| The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient. | |||||
| CVE-2006-3089 | 1 Phpmyfactures | 1 Phpmyfactures | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFactures 1.0, and possibly 1.2 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) prefixe_dossier parameter in (a) /inc/header.php; (2) msg parameter in (b) /remises/ajouter_remise.php, (c) /tva/ajouter_tva.php, (d) /stocks/ajouter.php, (e) /pays/ajouter_pays.php, (f) /produits/ajouter_cat.php, (g) /produits/ajouter_produit.php and (h) /produits/modifier_cat.php; (3) tire parameter in /remises/ajouter_remise.php; (4) quantite, (5) taux and (6) date parameter in /stocks/ajouter.php; and (7) pays and (8) prefixe parameter in /pays/ajouter_pays.php. | |||||
| CVE-2001-0093 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. | |||||
| CVE-2000-0274 | 1 Bray Systems | 1 Linux Trustees | 2025-04-03 | 2.1 LOW | N/A |
| The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. | |||||
| CVE-2005-3103 | 1 Six Apart | 1 Movable Type | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title, (2) category, (3) body, (4) extended body, and (5) excerpt form fields in new blog entries. | |||||
| CVE-2006-0575 | 1 Thibault Godouet | 1 Fcron | 2025-04-03 | 5.0 MEDIUM | N/A |
| convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion. | |||||
| CVE-2002-1588 | 1 Sun | 1 Openwindows | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers to cause a denial of service (mailtool segmentation violation and crash) via a malformed mail attachment. | |||||
| CVE-2002-0120 | 1 Palm | 1 Palm Desktop | 2025-04-03 | 2.1 LOW | N/A |
| Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information. | |||||
| CVE-2004-2113 | 1 Herberlin | 1 Bremsserver | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
| CVE-2006-2334 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2025-04-03 | 2.1 LOW | N/A |
| The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or prevent access to other similarly named files in the same directory, which prevents those files from being detected or disinfected by certain anti-virus and anti-spyware software. | |||||
| CVE-2005-1660 | 1 Htmljunction | 1 Ezguestbook | 2025-04-03 | 7.5 HIGH | N/A |
| HTMLJunction EZGuestbook stores the guestbook.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the administrative password. | |||||
| CVE-2005-3315 | 1 Novell | 1 Zenworks Patch Management Server | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp. | |||||