Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2538 | 2 Ie Tab, Mozilla | 2 Ie Tab, Firefox | 2025-04-03 | 2.6 LOW | N/A |
| IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as demonstrated using a url parameter to the content/reloaded.html page in a chrome:// URI. Some third-party researchers claim that they are unable to reproduce this vulnerability. | |||||
| CVE-2005-1601 | 1 Mro Software | 1 Maximo Self Service | 2025-04-03 | 5.0 MEDIUM | N/A |
| MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file extensions that are not processed by Tomcat, which allows remote attackers to obtain sensitive information via a direct request for the file, such as MXServer.properties. | |||||
| CVE-2005-4436 | 1 Extended Interior Gateway Routing Protocol | 1 Extended Interior Gateway Routing Protocol | 2025-04-03 | 7.8 HIGH | N/A |
| Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) mismatched k values or (2) "goodbye message" Type-Length-Value (TLV). | |||||
| CVE-2005-0151 | 1 Adobe | 3 Creative Suite, Photoshop, Premiere | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges. | |||||
| CVE-2005-3490 | 1 Asus | 1 Video Security Online | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL. | |||||
| CVE-2004-1085 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2025-04-03 | 2.1 LOW | N/A |
| Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. | |||||
| CVE-2006-0402 | 1 Jason Geiger | 1 Zoph | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Zoph before 0.5pre1 allows remote attackers to execute arbitrary SQL commands. | |||||
| CVE-1999-1275 | 1 Ibm | 1 Lotus Cc Mail | 2025-04-03 | 4.6 MEDIUM | N/A |
| Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges. | |||||
| CVE-2006-2666 | 1 V-webmail | 1 V-webmail | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. | |||||
| CVE-2006-2029 | 1 Simplog | 1 Simplog | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter in (a) preview.php; the (2) cid, (3) pid, and (4) eid parameters in (b) archive.php; and the (5) pid parameter in (c) comments.php. | |||||
| CVE-1999-0900 | 1 Linux-nis | 1 Rpc.yppasswdd | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation. | |||||
| CVE-2000-0202 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query. | |||||
| CVE-2006-3350 | 1 Cimmetry Systems | 1 Autovue Solidmodel Professional | 2025-04-03 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) ARJ, (2) RAR, or (3) ZIP archive. | |||||
| CVE-2005-1151 | 1 Debian | 1 Qpopper | 2025-04-03 | 7.2 HIGH | N/A |
| qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root. | |||||
| CVE-2001-1324 | 1 Paul Jarc | 1 Idtools | 2025-04-03 | 4.6 MEDIUM | N/A |
| cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges. | |||||
| CVE-2002-0165 | 1 Logwatch | 1 Logwatch | 2025-04-03 | 7.2 HIGH | N/A |
| LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162. | |||||
| CVE-2006-1347 | 1 Greg Neustaetter | 1 Gcards | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2002-1047 | 1 Watchguard | 1 Soho Firewall | 2025-04-03 | 7.5 HIGH | N/A |
| The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with a correct password but an incorrect user name. | |||||
| CVE-2002-0516 | 1 Squirrelmail | 1 Squirrelmail | 2025-04-03 | 10.0 HIGH | N/A |
| SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie. | |||||
| CVE-2006-2148 | 1 Cgiirc | 1 Cgiirc | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 might allow remote attackers to execute arbitrary code via (1) cookies or (2) the query string. | |||||