Total
29862 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2531 | 1 Gnu | 1 Gnutls | 2025-04-03 | 7.8 HIGH | N/A |
| X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys. | |||||
| CVE-2004-2599 | 1 Id Software | 1 Quake Ii Server | 2025-04-03 | 2.1 LOW | N/A |
| Multiple buffer overflows in Quake II server before R1Q2, as used in multiple products, allow local users to cause a denial of service (application crash) via the server console or rcon. | |||||
| CVE-2005-3016 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors. | |||||
| CVE-2006-1004 | 1 Cactusoft | 1 Parodia | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in agencyprofile.asp in Parodia 6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the AG_ID parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-1999-1316 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess. | |||||
| CVE-1999-0441 | 1 Qbik | 1 Wingate | 2025-04-03 | 5.0 MEDIUM | N/A |
| Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. | |||||
| CVE-2005-4002 | 1 Esi Products | 1 Webeoc | 2025-04-03 | 4.0 MEDIUM | N/A |
| WebEOC before 6.0.2 uses the same secret key for all installations, which allows attackers with the key to decrypt data from any WebEOC installation. | |||||
| CVE-2005-2178 | 1 Probe.cgi | 1 Probe.cgi | 2025-04-03 | 7.5 HIGH | N/A |
| probe.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the olddat parameter. NOTE: it is unclear which product or vendor this program is associated with, if any. | |||||
| CVE-2005-2869 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php. | |||||
| CVE-2003-0823 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. | |||||
| CVE-2002-1972 | 1 Sebastian Dehne | 1 Pp Powerswitch | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports. | |||||
| CVE-2004-0182 | 1 Gnu | 1 Mailman | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field. | |||||
| CVE-2004-1529 | 1 Rob Sutton | 1 Php-nuke Event Calendar | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the (1) type, (2) day, (3) month, or (4) year parameters in a Preview operation, or (5) event comments. | |||||
| CVE-2005-0296 | 1 Novell | 2 Groupwise, Groupwise Webaccess | 2025-04-03 | 5.0 MEDIUM | N/A |
| NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue | |||||
| CVE-2005-2312 | 1 Realnode | 1 Emilda | 2025-04-03 | 7.5 HIGH | N/A |
| management.php in Realnode Emilda 1.2.2 and earlier allows remote attackers to perform actions as other users by modifying the user_id parameter. | |||||
| CVE-2000-0074 | 1 Powerscripts | 1 Plusmail | 2025-04-03 | 7.5 HIGH | N/A |
| PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | |||||
| CVE-2000-0321 | 1 Icradius | 1 Icradius | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. | |||||
| CVE-2005-1414 | 1 Exoticsoft | 1 Filepocket | 2025-04-03 | 4.6 MEDIUM | N/A |
| ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges. | |||||
| CVE-2005-3509 | 1 Jportal | 1 Jportal Web Portal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php, (3) comment.php, and (4) news.php. | |||||
| CVE-2001-1484 | 1 Alcatel | 2 Adsl Modem 1000, Speed Touch Adsl Modem | 2025-04-03 | 7.5 HIGH | N/A |
| Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) side, which is allowed to access TFTP without authentication. | |||||