Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0290 | 1 Qbik | 1 Wingate | 2025-04-03 | 5.0 MEDIUM | N/A |
| The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost. | |||||
| CVE-2000-0077 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands. | |||||
| CVE-2000-0254 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2025-04-03 | 5.0 MEDIUM | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | |||||
| CVE-2006-4292 | 1 Niels Provos | 1 Honeyd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows remote attackers to cause a denial of service (application crash) via certain Address Resolution Protocol (ARP) packets. | |||||
| CVE-2006-0386 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 1.7 LOW | N/A |
| FileVault in Mac OS X 10.4.5 and earlier does not properly mount user directories when creating a FileVault image, which allows local users to access protected files when FileVault is enabled. | |||||
| CVE-2004-1686 | 1 Microsoft | 1 Ie | 2025-04-03 | 5.0 MEDIUM | N/A |
| Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin. | |||||
| CVE-1999-1436 | 1 Ray Chan | 1 Www Authorization Gateway | 2025-04-03 | 7.5 HIGH | N/A |
| Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "user" parameter. | |||||
| CVE-1999-0539 | 2025-04-03 | 10.0 HIGH | N/A | ||
| A trust relationship exists between two Unix hosts. | |||||
| CVE-2004-2410 | 1 Samhain Labs | 1 Samhain | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference). | |||||
| CVE-2006-1900 | 1 W3c | 1 Amaya | 2025-04-03 | 7.6 HIGH | N/A |
| Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element; and via other unspecified attack vectors consisting of "dozens of possible snippets." | |||||
| CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2025-04-03 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | |||||
| CVE-2004-0129 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter. | |||||
| CVE-2005-3885 | 1 Inkscape | 1 Inkscape | 2025-04-03 | 2.1 LOW | N/A |
| The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file. | |||||
| CVE-2005-4338 | 1 Blackboard | 1 Academic Suite | 2025-04-03 | 10.0 HIGH | N/A |
| announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parameter to "admin". | |||||
| CVE-2001-1243 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the device name into ASP programs that internally use Scripting.FileSystemObject. | |||||
| CVE-2006-3592 | 1 Cisco | 1 Unified Callmanager | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005. | |||||
| CVE-2005-2927 | 1 Sco | 1 Unixware | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command. | |||||
| CVE-2004-1177 | 1 Gnu | 1 Mailman | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. | |||||
| CVE-2001-1108 | 1 Snapstream | 1 Pvs | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a .. (dot dot) attack in the requested URL. | |||||
| CVE-2005-1700 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pnadmin.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to execute arbitrary SQL commands via the riga[0] parameter. | |||||