Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1248 | 1 Positive Software | 1 H-sphere | 2025-04-03 | 7.5 HIGH | N/A |
| H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request. | |||||
| CVE-2003-0261 | 1 Fuzz | 1 Fuzz | 2025-04-03 | 4.6 MEDIUM | N/A |
| fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges. | |||||
| CVE-2002-0302 | 1 Symantec | 1 Enterprise Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack. | |||||
| CVE-2003-1118 | 1 University Of California | 1 Seti At Home | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a denial of service (client crash) and execute arbitrary code via a spoofed server response containing a long string followed by a \n (newline) character. | |||||
| CVE-2002-0064 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2025-04-03 | 7.2 HIGH | N/A |
| Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system. | |||||
| CVE-2005-0820 | 1 Microsoft | 1 Office Infopath | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database name, username, and password, or obtain the internal web server name. | |||||
| CVE-2006-1133 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to (1) comment.php or (2) contact.php. NOTE: the profile.php/UserName vector is already covered by CVE-2005-2441. | |||||
| CVE-2006-0835 | 1 Mitridat | 1 Web Calendar Pro | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to modify internal SQL queries and cause a denial of service (inaccessible database) via the tabls parameter. | |||||
| CVE-2004-2038 | 1 Neocrome | 1 Land Down Under | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. | |||||
| CVE-1999-0724 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. | |||||
| CVE-2001-1294 | 1 Avtronics | 1 Inetserv | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remote attackers to cause a denial of service (crash) in the Webmail interface via a long username and password. | |||||
| CVE-2006-1487 | 1 Activecampaign | 1 Supporttrio | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module. | |||||
| CVE-2001-0123 | 1 Extropia | 1 Bbs Forum.cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter. | |||||
| CVE-2002-0694 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
| The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." | |||||
| CVE-2006-2980 | 1 Viart Ltd | 1 Viart Shop Free | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter. | |||||
| CVE-2001-1144 | 1 Mcafee | 1 Asap Virusscan | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. | |||||
| CVE-2003-0347 | 1 Microsoft | 4 Office, Project, Visio and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. | |||||
| CVE-2005-1645 | 1 Keyvan1 | 1 Imagegallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Keyvan1 ImageGallery stores the image.mdb database under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2006-2709 | 1 Secure Elements | 1 Class 5 Enterprise Vulnerability Management | 2025-04-03 | 5.0 MEDIUM | N/A |
| Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate the source address of a message, which allows remote attackers to (1) execute arbitrary code on a client or (2) forge messages to the server. | |||||
| CVE-2006-1400 | 1 Metisware | 1 Instructor | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MyTasks/PersonalTaskEdit.asp in Metisware Instructor 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Task parameter. | |||||