Total
29863 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0222 | 1 Cisco | 1 Router | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. | |||||
| CVE-2002-0852 | 1 Cisco | 1 Vpn Client | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads. | |||||
| CVE-2001-0888 | 3 Atmel, Linksys, Netgear | 3 Firmware, Wap11, Me102 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers to cause a denial of service via a SNMP request with (1) a community string other than "public" or (2) an unknown OID, which causes the WAP to deny subsequent SNMP requests. | |||||
| CVE-2003-0316 | 1 Fourelle Venturi Wireless | 1 Venturi Client | 2025-04-03 | 5.0 MEDIUM | N/A |
| Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers. | |||||
| CVE-2006-2117 | 1 Extrosoft | 1 Thyme | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the search page. | |||||
| CVE-2005-3135 | 1 Virtools | 1 Web Player | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename. | |||||
| CVE-2006-2488 | 1 Spymac | 1 Spymac Web Os | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Spymac WebOS (WOS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) del_folder, (2) nick, or (3) action parameters to (a) notes/index.php, (4) curr parameter to (b) ipod/get_ipod.php, and in (c) login.php. | |||||
| CVE-2004-1418 | 1 Wirtualna Polska | 1 Wpkontakt | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an e-mail address, which is not quoted when a parsing error is generated. | |||||
| CVE-2004-0975 | 3 Gentoo, Mandrakesoft, Openssl | 5 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | 2.1 LOW | N/A |
| The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-2005-1118 | 1 Rsa | 1 Authentication Agent For Web | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter. | |||||
| CVE-2006-2652 | 1 Wikini | 1 Wikini | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML and web script by editing a Wiki page to contain the script. | |||||
| CVE-1999-0880 | 2 Bsdi, Caldera | 2 Bsd Os, Openlinux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. | |||||
| CVE-2005-3378 | 1 Norman | 1 Norman Virus Control | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in Norman 5.81 with the 5.83.02 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||
| CVE-2006-1292 | 1 Php Icalendar | 1 Php Icalendar | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php. | |||||
| CVE-2006-4585 | 1 Tr Forum | 1 Tr Forum | 2025-04-03 | 9.0 HIGH | N/A |
| SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges. | |||||
| CVE-2005-0213 | 1 Webtoolmaster Software | 1 Winhki | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WinHKI 1.4d allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a zip file. | |||||
| CVE-2005-2027 | 1 Enterasys | 1 Vertical Horizon-2402s | 2025-04-03 | 5.0 MEDIUM | N/A |
| Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could allow attackers to obtain sensitive information or modify the registry. | |||||
| CVE-2004-0569 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values. | |||||
| CVE-2006-4289 | 1 Sony | 1 Vaio Media Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x before 20060626 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2005-2192 | 1 Alexander Palmo | 1 Simple Php Blog | 2025-04-03 | 5.0 MEDIUM | N/A |
| SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote attackers to obtain passwords via a brute force attack. | |||||