Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0348 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace. | |||||
| CVE-2002-1768 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. | |||||
| CVE-2005-4197 | 1 Nortel | 1 Ssl Vpn | 2025-04-03 | 7.5 HIGH | N/A |
| tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet. | |||||
| CVE-2004-2174 | 1 Early Impact | 1 Productcart | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter. | |||||
| CVE-2003-1163 | 1 Ganglia | 1 Gmond | 2025-04-03 | 5.0 MEDIUM | N/A |
| hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | |||||
| CVE-2005-2500 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol. | |||||
| CVE-2004-1614 | 1 Mozilla | 1 Mozilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme. | |||||
| CVE-2005-4305 | 1 Edgewall Software | 1 Trac | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, and 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page. | |||||
| CVE-2000-0960 | 1 Netscape | 1 Messaging Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse. | |||||
| CVE-2002-1458 | 1 Leszek Krupinski | 1 L-forum | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is on, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, (3) Subject and (4) Body. | |||||
| CVE-2002-0998 | 1 Care 2002 | 1 Care 2002 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. (dot dot) sequences and null characters in the lang parameter, which is processed by a call to the include function. | |||||
| CVE-2005-4387 | 1 Contenite | 1 Contenite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2006-2948 | 1 Alan Ward | 1 A-cart | 2025-04-03 | 5.0 MEDIUM | N/A |
| A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information. | |||||
| CVE-2002-0909 | 1 Matsushita Research | 1 Mnews | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER. | |||||
| CVE-2001-0432 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands. | |||||
| CVE-2003-0549 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. | |||||
| CVE-2002-0385 | 1 Vignette | 2 Storyserver, Vignette | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output. | |||||
| CVE-2004-1834 | 1 Apache | 1 Http Server | 2025-04-03 | 2.1 LOW | N/A |
| mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information. | |||||
| CVE-1999-1489 | 1 Slackware | 1 Slackware Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument. | |||||
| CVE-2005-3395 | 1 Invision Power Services | 1 Invision Gallery | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Invision Gallery 2.0.3 allows remote attackers to execute arbitrary SQL commands via the st parameter. | |||||