Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1724 | 2 Debian, Mozilla | 5 Debian Linux, Firefox, Mozilla Suite and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML. | |||||
| CVE-2003-0135 | 1 Redhat | 1 Linux | 2025-04-03 | 7.5 HIGH | N/A |
| vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended. | |||||
| CVE-2001-0190 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). | |||||
| CVE-2004-0017 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations. | |||||
| CVE-2005-3454 | 1 Oracle | 1 Collaboration Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g Release 1 version 10.1.1 and 9i Release 2 9.0.4.2 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04 for Calendar; (5) OCS05, (6) OCS06, (7) OCS07, (8) OCS08, (9) OCS09, and (10) OCS10 for Email Server; and (11) OCS11, (12) OCS12, and (13) OCS13 for Oracle Files. | |||||
| CVE-2004-1825 | 1 Mambo | 1 Mambo Open Source | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) return or (2) mos_change_template parameters. | |||||
| CVE-2005-1079 | 1 Mike De Boer | 1 Zoom Media Gallery | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php for zOOm Media Gallery 2.1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2002-2148 | 1 Lucent | 3 Ascend Max Router, Ascend Pipeline Router, Dslterminator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response. | |||||
| CVE-2005-2463 | 1 Kayako | 1 Liveresponse | 2025-04-03 | 6.4 MEDIUM | N/A |
| Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message. | |||||
| CVE-2000-0272 | 1 Realnetworks | 1 Realserver | 2025-04-03 | 7.8 HIGH | N/A |
| RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. | |||||
| CVE-2000-1019 | 1 Inktomi | 1 Search Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL. | |||||
| CVE-2005-2393 | 1 Cutephp | 1 Cutenews | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitrary web script or HTML via (1) the lastusername parameter to index.php or (2) selected_search_arch parameter to search.php. | |||||
| CVE-2006-0526 | 1 Aol | 1 Aol Client Software | 2025-04-03 | 7.2 HIGH | N/A |
| The default configuration of the America Online (AOL) client software allows all users to modify a certain registry value that specifies a DLL file name, which might allow local users to gain privileges via a Trojan horse program. | |||||
| CVE-2006-4056 | 2 The Address Book, The Address Book Reloaded | 2 The Address Book, The Address Book Reloaded | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the authentication process in katzlbt (a) The Address Book 1.04e and earlier and (b) The Address Book Reloaded before 2.0-rc4 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. NOTE: portions of these details are obtained from third party information. | |||||
| CVE-1999-0197 | 2025-04-03 | 10.0 HIGH | N/A | ||
| finger 0@host on some systems may print information on some user accounts. | |||||
| CVE-2006-1625 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode email tag, as demonstrated using the onmousemove event. | |||||
| CVE-2002-1385 | 1 Open Webmail | 1 Open Webmail | 2025-04-03 | 7.2 HIGH | N/A |
| openwebmail_init in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. (dot dot) sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that specifies additional code to be executed. | |||||
| CVE-2006-2195 | 1 Horde | 1 Horde | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php. | |||||
| CVE-2005-4473 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote attackers to view web application source code via "a malformed URL." | |||||
| CVE-2006-2336 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote attackers to execute arbitrary SQL commands via the comma parameter. | |||||