Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1527 | 2 Ibm, Iss | 2 Internet Security Systems Blackice Defender, Blackice Server Protection | 2025-04-03 | 4.3 MEDIUM | N/A |
| BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
| CVE-2006-3843 | 1 Mambo | 1 Mambo Calendar | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in com_calendar.php in Calendar Mambo Module 1.5.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter. | |||||
| CVE-2006-2609 | 1 Artmedic Webdesign | 1 Artmedic Newsletter | 2025-04-03 | 5.1 MEDIUM | N/A |
| artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the email parameter to newsletter_log.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-2608 | 1 Artmedic Webdesign | 1 Artmedic Newsletter | 2025-04-03 | 5.1 MEDIUM | N/A |
| artmedic newsletter 4.1 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefined to an attacker-controlled value, as demonstrated by injecting PHP code into info.php. | |||||
| CVE-1999-0141 | 1 Netscape | 1 Navigator | 2025-04-03 | 3.7 LOW | N/A |
| Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet. | |||||
| CVE-2006-0669 | 1 Gasoft | 1 Gas Forum Light | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in archive.asp in GA's Forum Light allow remote attackers to execute arbitrary SQL commands via the (1) Forum and (2) pages parameter. NOTE: SecurityTracker says that the vendor has disputed this issue, saying that GA Forum Light does not use an SQL database. SecurityTracker's research indicates that the original problem could be due to a vbscript parsing error based on invalid arguments | |||||
| CVE-2004-0820 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 4.6 MEDIUM | N/A |
| Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. | |||||
| CVE-2005-1366 | 1 Pico Server | 1 Pico Server | 2025-04-03 | 7.5 HIGH | N/A |
| Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL. | |||||
| CVE-2005-2114 | 1 Mozilla | 3 Camino, Firefox, Mozilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function. | |||||
| CVE-2004-2565 | 1 Sambar | 1 Sambar Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, when the administrative IP address restrictions have been modified from the default, allow remote authenticated users to read arbitrary files via (1) a "..\" (dot dot backslash) in the file parameter to showini.asp, or (2) an absolute path with drive letter in the log parameter to showlog.asp. | |||||
| CVE-2006-1276 | 1 Himpfen Consulting | 1 Php Simplenews | 2025-04-03 | 10.0 HIGH | N/A |
| admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie. | |||||
| CVE-1999-1370 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.2 HIGH | N/A |
| The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs. | |||||
| CVE-2003-1032 | 1 Pi3 | 1 Pi3web | 2025-04-03 | 5.0 MEDIUM | N/A |
| Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured to use the "Name" column and sort using the column title as a hyperlink, allows remote attackers to cause a denial of service (crash) via a malformed URL to the web server, possibly involving a buffer overflow. | |||||
| CVE-2005-2989 | 1 Deluxebb | 1 Deluxebb | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php. | |||||
| CVE-2005-2838 | 1 Mywebland | 1 Mybloggie | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2005-3436 | 1 Nuked-klan | 1 Nuked-klan | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Nuked-Klan 1.7 allows remote attackers to inject arbitrary web script or HTML via the (1) Search module, (2) certain edit fields in Guestbook, (3) the title in the Forum module, and (4) Textbox. | |||||
| CVE-2005-4812 | 1 Sisco | 4 Ax-s4 Iccp, Ax-s4 Mms, Iccp Toolkit For Mms-ease and 1 more | 2025-04-03 | 7.8 HIGH | N/A |
| The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan. | |||||
| CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2025-04-03 | 7.5 HIGH | N/A |
| The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | |||||
| CVE-2004-0520 | 3 Open Webmail, Sgi, Squirrelmail | 3 Open Webmail, Propack, Squirrelmail | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. | |||||
| CVE-2001-0050 | 1 Colten Edwards | 1 Bitchx | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in BitchX IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary commands via an IP address that resolves to a long DNS hostname or domain name. | |||||