Total: 29864 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1431 | 1 Fusionzone | 1 Couponzone | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE couponZONE 4.2 allows remote attackers to inject arbitrary web script or HTML via URL-encoded (1) srchfor and (2) srchby parameters. | |||||
| CVE-2002-0502 | 1 Citrix | 1 Nfuse | 2025-04-03 | 5.0 MEDIUM | N/A |
| Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. | |||||
| CVE-1999-0352 | | | 2025-04-03 | 7.2 HIGH | N/A |
| ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption. | |||||
| CVE-2006-2793 | 1 Aspsitem | 1 Aspsitem | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter. | |||||
| CVE-2005-4443 | 1 Gauche | 1 Gauche | 2025-04-03 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in Gauche before 0.8.6-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | |||||
| CVE-2006-3134 | 1 Gracenote | 1 Cddbcontrol Activex Control | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string. | |||||
| CVE-2002-0069 | 2 Redhat, Squid | 2 Linux, Squid | 2025-04-03 | 2.6 LOW | N/A |
| Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service. | |||||
| CVE-2006-4096 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. | |||||
| CVE-2005-3423 | 1 Subdreamer | 1 Subdreamer | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the loginusername parameter or (2) cookies to (a) subdreamer.php, (b) ipb2.php, (c) phpbb2.php, (d) vbulletin2.php, and (e) vbulletin3.php. | |||||
| CVE-2006-4613 | 1 Securecomputing | 4 Snapgear Sg560, Snapgear Sg565, Snapgear Sg580 and 1 more | 2025-04-03 | 7.8 HIGH | N/A |
| Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow remote attackers to cause a denial of service via unspecified vectors involving (1) IPSec replay windows and (2) the use of vulnerable versions of ClamAV before 0.88.4. NOTE: it is possible that vector 2 is related to CVE-2006-4018. | |||||
| CVE-2004-1289 | 1 Pcal | 1 Pcal | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file. | |||||
| CVE-2006-2320 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2209. | |||||
| CVE-2001-1064 | 1 Cisco | 1 Cbos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allow remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. | |||||
| CVE-2005-1055 | 1 Towerblog | 1 Towerblog | 2025-04-03 | 7.5 HIGH | N/A |
| TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the _dat/login file. | |||||
| CVE-1999-1423 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
| ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i. | |||||
| CVE-2004-0374 | 1 Interchange Development Group | 1 Interchange | 2025-04-03 | 6.4 MEDIUM | N/A |
| Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string. | |||||
| CVE-2005-1129 | 1 Egroupware | 1 Egroupware | 2025-04-03 | 2.1 LOW | N/A |
| eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attachment but not sent, will send that attachment in the next e-mail, which may cause sensitive information to be sent to the wrong recipient. | |||||
| CVE-1999-0388 | 1 Datalynx | 1 Suguard | 2025-04-03 | 4.6 MEDIUM | N/A |
| DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root. | |||||
| CVE-2005-0099 | 1 Abuse | 1 Abuse-sdl | 2025-04-03 | 2.1 LOW | N/A |
| The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating certain files, which allows local users to create or overwrite arbitrary files. | |||||
| CVE-2005-0737 | 1 Yahoo | 1 Messenger | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode. | |||||
