Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1477 | 1 Bea | 1 Tuxedo | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain. | |||||
| CVE-2005-1710 | 1 Bluecoat | 1 Reporter | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page. | |||||
| CVE-2005-4213 | 1 Coinsoft Technologies | 1 Phpcoin | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary SQL commands via the phpcoinsessid cookie. | |||||
| CVE-2004-0409 | 1 Xchat | 1 Xchat | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-1629 | 1 Multi-tech | 1 Proxyserver | 2025-04-03 | 10.0 HIGH | N/A |
| Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP. | |||||
| CVE-2002-2131 | 1 Perl-httpd | 1 Perl-httpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows remote attackers to view arbitrary files via a .. (dot dot) in an unknown argument. | |||||
| CVE-2006-4082 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2025-04-03 | 7.2 HIGH | N/A |
| Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges. | |||||
| CVE-2005-2032 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files. | |||||
| CVE-2002-1232 | 3 Debian, Hp, Redhat | 3 Debian Linux, Secure Os, Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. | |||||
| CVE-2004-1564 | 1 W-agora | 1 W-agora | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter. | |||||
| CVE-2002-0861 | 1 Microsoft | 2 Office Web Components, Project | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object. | |||||
| CVE-2006-1798 | 1 Rateit | 1 Rateit | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rateit.php in RateIt 2.2 allows remote attackers to execute arbitrary SQL commands via the rateit_id parameter. | |||||
| CVE-2004-1573 | 2 Aj-fork, Cutephp | 2 Aj-fork, Cutenews | 2025-04-03 | 7.2 HIGH | N/A |
| The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator. | |||||
| CVE-2005-2205 | 1 Pngren | 1 Pngren | 2025-04-03 | 7.5 HIGH | N/A |
| The ReadLog function in kaiseki.cgi in pngren allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | |||||
| CVE-2000-0449 | 1 Omnis | 1 Studio | 2025-04-03 | 10.0 HIGH | N/A |
| Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. | |||||
| CVE-2001-1525 | 1 Easyscripts | 1 Easynews | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter. | |||||
| CVE-2006-3043 | 1 Cfxe-cms | 1 Cfxe-cms | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe (CFXe) CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the voltext_suche parameter. | |||||
| CVE-1999-1399 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed. | |||||
| CVE-2001-1467 | 1 Don Libes | 1 Expect | 2025-04-03 | 7.5 HIGH | N/A |
| mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks. | |||||
| CVE-2004-2446 | 1 1st Class Internet Solutions | 1 1st Class Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors. | |||||