Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1557 | 1 Pixysoft | 1 Guestbook Pro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebApp Guestbook PRO 3.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content of a message. | |||||
| CVE-2001-0753 | 1 Cisco | 1 Cbos | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. | |||||
| CVE-2005-1936 | 1 Xerox | 20 Document Centre 220, Document Centre 230, Document Centre 240 and 17 more | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the web server for the ESS/ Network Controller for Xerox Document Centre 240 through 555 running System Software 27.18.017 and earlier allows attackers to "gain unauthorized access." | |||||
| CVE-1999-1139 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | |||||
| CVE-2006-0919 | 1 Oi | 1 Email Marketing System | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | |||||
| CVE-2000-1228 | 1 Phorum | 1 Phorum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables. | |||||
| CVE-2002-1672 | 1 Webmin | 1 Webmin | 2025-04-03 | 2.1 LOW | N/A |
| Webmin 0.92, when installed from an RPM, creates /var/webmin with insecure permissions (world readable), which could allow local users to read the root user's cookie-based authentication credentials and possibly hijack the root user's session using the credentials. | |||||
| CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2025-04-03 | 2.6 LOW | N/A |
| Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | |||||
| CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2005-2689 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via (1) the moderate parameter to the Comments module or (2) htmltext parameter to html/user.php. | |||||
| CVE-2000-0011 | 1 Analogx | 1 Simpleserver Www | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2004-1892 | 1 Emule | 1 Emule | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in DecodeBase16 function, as used in the (1) IRC module and (2) web server in eMule 0.42d, allows remote attackers to execute arbitrary code via a long string. | |||||
| CVE-2005-0418 | 1 Sun | 1 J2se | 2025-04-03 | 7.5 HIGH | N/A |
| Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836. | |||||
| CVE-2005-0191 | 1 Realnetworks | 2 Realone Player, Realplayer | 2025-04-03 | 5.1 MEDIUM | N/A |
| Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag. | |||||
| CVE-2005-2629 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2025-04-03 | 5.1 MEDIUM | N/A |
| Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481. | |||||
| CVE-2001-1029 | 2 Freebsd, Openbsd | 2 Freebsd, Openssh | 2025-04-03 | 2.1 LOW | N/A |
| libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files. | |||||
| CVE-2005-0179 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call. | |||||
| CVE-2000-0985 | 1 Nevis Systems | 1 All-mail | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command. | |||||
| CVE-2003-0941 | 1 Sap | 1 Sap Db | 2025-04-03 | 7.5 HIGH | N/A |
| web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa. | |||||
| CVE-2006-0864 | 1 Hauri | 1 Virobot | 2025-04-03 | 10.0 HIGH | N/A |
| filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value. | |||||