Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1203 | 1 Ascend | 1 Multilink Ppp For Isdn | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. | |||||
| CVE-2002-1505 | 1 Woltlab | 1 Burning Board | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter. | |||||
| CVE-2006-1397 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew and (b) phpPgAds before 2.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) certain parameters to the banner delivery module, which is not properly handled in the administrator interface, or (2) certain parameters to the login form. | |||||
| CVE-1999-0219 | 1 Cat Soft | 1 Serv-u | 2025-04-03 | 7.8 HIGH | N/A |
| Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command. | |||||
| CVE-1999-1080 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf. | |||||
| CVE-2006-4940 | 1 Moodle | 1 Moodle | 2025-04-03 | 5.0 MEDIUM | N/A |
| login/forgot_password.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive information (e-mail addresses and Moodle account names) via a find action. | |||||
| CVE-2000-0217 | 2 Openbsd, Ssh | 3 Openssh, Ssh, Ssh2 | 2025-04-03 | 5.1 MEDIUM | N/A |
| The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. | |||||
| CVE-2005-1907 | 1 Microsoft | 1 Isa Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic. | |||||
| CVE-1999-1074 | 1 Webmin | 1 Webmin | 2025-04-03 | 7.5 HIGH | N/A |
| Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | |||||
| CVE-2005-3163 | 1 Polipo | 1 Polipo | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers to read files outside of the web root. | |||||
| CVE-2000-1084 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | |||||
| CVE-2005-1491 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html. | |||||
| CVE-2006-4054 | 1 Ehmig | 1 Me Download System | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in ME Download System 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) Vb8878b936c2bd8ae0cab parameter to (a) inc/sett_style.php or (b) inc/sett_smilies.php; or the (2) Vb6c4d0e18a204a63b38f, (3) V18a78b93c3adaaae84e2, or (4) V9ae5d2ca9e9e787969ff parameters to (c) inc/datei.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2005-2817 | 1 Simple Machines | 1 Simple Machines Forum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Simple Machines Forum (SMF) 1-0-5 and earlier supports the use of URLs for avatar images, which allows remote attackers to monitor sensitive information of forum visitors such as IP address and user agent, as demonstrated using a PHP script on a malicious server. | |||||
| CVE-2004-1208 | 1 21-6 Productions | 1 Orbz | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long password field in a join request. | |||||
| CVE-2004-0571 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site, aka "Table Conversion Vulnerability," a different vulnerability than CVE-2004-0901. | |||||
| CVE-2004-1864 | 1 Xmb Forum | 1 Xmb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php. | |||||
| CVE-2004-0699 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data. | |||||
| CVE-2005-3801 | 1 Counterpane | 1 Passwordsafe | 2025-04-03 | 4.6 MEDIUM | N/A |
| CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) function, which reduces the search time in brute force attacks. | |||||
| CVE-2001-0413 | 1 Bintec | 3 X1000, X1200, X4000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| BinTec X4000 Access router, and possibly other versions, allows remote attackers to cause a denial of service via a SYN port scan, which causes the router to hang. | |||||