Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0633 | 1 Oracle | 2 Applications, E-business Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key. | |||||
| CVE-2005-2720 | 1 Hauri | 4 Livecall, Virobot Advanced Server, Virobot Expert and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the ACE archive decompression library (vrAZace.dll) in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall, when compressed file scanning is enabled, allows remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename. | |||||
| CVE-2002-0505 | 1 Cisco | 1 Call Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords. | |||||
| CVE-2005-3580 | 1 Qdbm | 1 Qdbm | 2025-04-03 | 7.2 HIGH | N/A |
| QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime. | |||||
| CVE-1999-0181 | 1 Rpc.walld | 1 Rpc.walld | 2025-04-03 | 6.8 MEDIUM | N/A |
| The wall daemon can be used for denial of service, social engineering attacks, or to execute remote commands. | |||||
| CVE-1999-0871 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 2.6 LOW | N/A |
| Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. | |||||
| CVE-2001-0671 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges. | |||||
| CVE-2004-2122 | 1 Intra Forum | 1 Intra Forum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra Forum allows remote attackers to inject arbitrary web script or HTML via the (1) use_last_read or (2) forum parameters. | |||||
| CVE-2006-0506 | 1 Nuked-klan | 1 Nuked-klan | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN 1.7 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. | |||||
| CVE-2006-4836 | 1 Codeworx Technologies | 1 Dcp-portal | 2025-04-03 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: The lostpassword.php and calendar.php vectors are already covered by CVE-2005-3365, and the search.php vector is already covered by CVE-2005-4227. | |||||
| CVE-2004-0089 | 1 Apple | 1 Mac Os X | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable. | |||||
| CVE-2006-0789 | 1 Kyocera | 1 Fs-3830n | 2025-04-03 | 10.0 HIGH | N/A |
| Certain unspecified Kyocera printers have a default "admin" account with a blank password, which allows remote attackers to access an administrative menu via a telnet session. | |||||
| CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2025-04-03 | 1.2 LOW | N/A |
| privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2006-2229 | 1 Openvpn | 2 Openvpn, Openvpn Access Server | 2025-04-03 | 4.0 MEDIUM | N/A |
| OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service. | |||||
| CVE-2003-0134 | 1 Apache | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names. | |||||
| CVE-2003-0072 | 1 Mit | 2 Kerberos, Kerberos 5 | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). | |||||
| CVE-2001-0573 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A |
| lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory. | |||||
| CVE-2005-0688 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016). | |||||
| CVE-2004-0839 | 3 Avaya, Microsoft, Nortel | 18 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 15 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | |||||
| CVE-2004-2294 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 4.3 MEDIUM | N/A |
| Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability. | |||||