Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3784 | 1 Symantec | 1 Pcanywhere | 2025-04-03 | 7.2 HIGH | N/A |
| Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator. | |||||
| CVE-2006-2466 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 2.6 LOW | N/A |
| BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote attackers to obtain the source code of JSP pages during certain circumstances related to a "timing window" when a compilation error occurs, aka the "JSP showcode vulnerability." | |||||
| CVE-2000-0696 | 1 Sun | 1 Solaris Answerbook2 | 2025-04-03 | 7.5 HIGH | N/A |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script. | |||||
| CVE-2001-1092 | 1 Compaq | 1 Tru64 | 2025-04-03 | 2.1 LOW | N/A |
| msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file. | |||||
| CVE-2003-0927 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. | |||||
| CVE-2005-3472 | 1 Sun | 1 Java System Communications Express | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. | |||||
| CVE-2001-0091 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 2.6 LOW | N/A |
| The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability. | |||||
| CVE-2004-0050 | 1 Verity | 1 Ultraseek | 2025-04-03 | 5.0 MEDIUM | N/A |
| Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others. | |||||
| CVE-2002-1039 | 1 Michael Dean | 1 Double Choco Latte | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when downloading files from the Projects: Attachments feature. | |||||
| CVE-2005-0071 | 1 Vdr | 1 Vdr | 2025-04-03 | 5.0 MEDIUM | N/A |
| vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files. | |||||
| CVE-2005-3323 | 2 Debian, Zope | 2 Debian Linux, Zope | 2025-04-03 | 7.5 HIGH | N/A |
| docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality. | |||||
| CVE-2006-0825 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allow remote attackers to bypass authentication or gain "unauthorized network access" via unknown attack vectors. | |||||
| CVE-2006-0227 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.6 LOW | N/A |
| Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors. | |||||
| CVE-2001-0691 | 1 University Of Washington | 1 Imapd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations. | |||||
| CVE-2003-1284 | 1 Sambar | 1 Sambar Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe. | |||||
| CVE-1999-1032 | 1 Digital | 1 Ultrix | 2025-04-03 | 10.0 HIGH | N/A |
| Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges. | |||||
| CVE-1999-1028 | 1 Symantec | 1 Pcanywhere | 2025-04-03 | 5.0 MEDIUM | N/A |
| Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631. | |||||
| CVE-2004-2278 | 1 Chaogic Systems | 1 Vhost | 2025-04-03 | 4.3 MEDIUM | N/A |
| Unknown cross-site scripting (XSS) vulnerability in the web GUI in vHost before 3.10r1 has unknown impact and attack vectors. | |||||
| CVE-2002-0948 | 1 Scripts For Educators | 1 Makebook | 2025-04-03 | 7.5 HIGH | N/A |
| Scripts For Educators MakeBook 2.2 CGI program allows remote attackers to execute script as other visitors, or execute server-side includes (SSI) as the web server, via the (1) Name or (2) Email parameters, which are not properly filtered. | |||||
| CVE-2004-1692 | 1 Mambo | 1 Mambo Open Source | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters. | |||||