Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0382 | 1 Broadcom | 1 Ccc Harvest | 2025-04-03 | 7.5 HIGH | N/A |
| Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application. | |||||
| CVE-1999-1042 | 1 Cisco | 1 Resource Manager | 2025-04-03 | 1.2 LOW | N/A |
| Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings. | |||||
| CVE-2005-0111 | 1 Mysql | 1 Maxdb | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter. | |||||
| CVE-2006-3347 | 1 Devilz Clanportal | 1 Devilz Clanportal | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-0917 | 1 Melange | 1 Melange Chat System | 2025-04-03 | 2.1 LOW | N/A |
| Melange Chat Server (aka M-Chat), when accessed via a web browser, automatically sends cookies and other sensitive information for a server to any port specified in the associated link, which allows local users on that server to read the cookies from HTTP headers and possibly gain sensitive information, such as credentials, by setting up a listening port and reading the credentials when the victim clicks on the link. | |||||
| CVE-2000-1165 | 1 Balabit | 1 Syslog-ng | 2025-04-03 | 5.0 MEDIUM | N/A |
| Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier. | |||||
| CVE-1999-1333 | 1 Redhat | 1 Linux | 2025-04-03 | 7.5 HIGH | N/A |
| automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. | |||||
| CVE-2006-4103 | 1 Jason Alexander | 1 Phnntp | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in article-raw.php in Jason Alexander phNNTP 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter. | |||||
| CVE-2000-0914 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. | |||||
| CVE-2002-1878 | 1 W-agora | 1 W-agora | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter. | |||||
| CVE-2005-4555 | 1 Dev | 1 Dev Web Management System | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in add.php in DEV web management system 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ENTER_ARTICLE_TITLE, (2) SPECIFY_ZONE, (3) ENTER_ARTICLE_HEADER, and (4) ENTER_ARTICLE_BODY indices in the language array parameter. | |||||
| CVE-2005-4158 | 1 Todd Miller | 1 Sudo | 2025-04-03 | 4.6 MEDIUM | N/A |
| Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included by the script. | |||||
| CVE-2006-1166 | 1 Monotone | 1 Monotone | 2025-04-03 | 3.7 LOW | N/A |
| Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary Lua programs as the user running monotone. | |||||
| CVE-2005-3918 | 1 Ovbb | 1 Ovbb | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial. | |||||
| CVE-2005-0702 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages. | |||||
| CVE-2005-3153 | 1 Mywebland | 1 Mybloggie | 2025-04-03 | 7.5 HIGH | N/A |
| login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null character, which causes the whitelist check to succeed but injects the SQL into a query string, a different vulnerability than CVE-2005-2838. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a myBloggie vulnerability. | |||||
| CVE-2006-1700 | 1 Aweb | 1 Scripts Seller | 2025-04-03 | 7.5 HIGH | N/A |
| Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the script number, which allows remote attackers to bypass authentication. | |||||
| CVE-2003-0088 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.2 HIGH | N/A |
| TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | |||||
| CVE-2006-2836 | 1 Pineapple Technologies | 1 Lore | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comment.php in Pineapple Technologies Lore 1.5.6 and earlier allows remote attackers to execute arbitrary SQL commands via the article_id parameter. | |||||
| CVE-1999-0711 | 1 Oracle | 1 Oracle8i | 2025-04-03 | 4.6 MEDIUM | N/A |
| The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. | |||||