Total: 29864 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1548 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary SQL commands via the entry parameter. | |||||
| CVE-2006-0640 | 1 Orbicule | 1 Undercover | 2025-04-03 | 2.1 LOW | N/A |
| Orbicule Undercover allows attackers with physical or root access to disable the protection by using the chmod command to change the permissions of the /private/etc/uc.app/Contents/MacOS/uc file, which prevents the service from being started in LaunchDaemon. | |||||
| CVE-2000-0016 | 1 True North | 1 Internet Anywhere Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username. | |||||
| CVE-2005-0618 | 2 Nexland, Symantec | 4 Pro800turbo, Firewall Vpn Appliance 200r, Gateway Security 360 and 1 more | 2025-04-03 | 6.4 MEDIUM | N/A |
| The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before build 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network. | |||||
| CVE-2004-1643 | 1 Progress | 1 Ws Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence. | |||||
| CVE-2000-0136 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2025-04-03 | 7.5 HIGH | N/A |
| The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2004-0064 | 1 Suse | 1 Suse Linux | 2025-04-03 | 2.1 LOW | N/A |
| The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory. | |||||
| CVE-2006-3278 | 1 Positive Software | 1 H-sphere | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in H-Sphere 2.5.1 Beta 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) next_template, (2) start, (3) curr_menu_id, and (4) arid parameters in psoft/servlet/resadmin/psoft.hsphere.CP when using the mailman/massmail.html template_name. | |||||
| CVE-2006-0499 | 1 Yourboard | 1 Rlink | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in rlink.php in Rlink 1.0.0 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2000-1048 | 1 Qbik | 1 Wingate | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL. | |||||
| CVE-2004-1347 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request. | |||||
| CVE-2000-0956 | 1 Carnegie Mellon University | 1 Cyrus-sasl | 2025-04-03 | 4.6 MEDIUM | N/A |
| cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions. | |||||
| CVE-2006-4358 | 1 Dieselscripts | 1 Diesel Pay | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Diesel Pay allows remote attackers to inject arbitrary web script or HTML via the read parameter. | |||||
| CVE-2004-1538 | 1 Phpkit | 1 Phpkit | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-3012 | 1 Simplecdr-x | 1 Simplecdr-x | 2025-04-03 | 2.1 LOW | N/A |
| The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images. | |||||
| CVE-2001-1079 | 1 Ibm | 1 Aix | 2025-04-03 | 3.6 LOW | N/A |
| create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. | |||||
| CVE-2005-2809 | 1 Silc | 1 Secure Internet Live Conferencing | 2025-04-03 | 2.1 LOW | N/A |
| silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file. | |||||
| CVE-2006-1140 | 1 Redblog | 1 Redblog | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2000-1041 | 1 Swen Thuemmler | 1 Ypbind | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges. | |||||
| CVE-2004-1402 | 1 Iwebnegar | 1 Iwebnegar | 2025-04-03 | 10.0 HIGH | N/A |
| SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter for index.php, (2) comments.php, or (3) the administrator login page. | |||||
