Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Teardrop IP denial of service. | |||||
| CVE-2006-0497 | 1 Php Gen | 1 Php Gen | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors. | |||||
| CVE-2002-0707 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to cause a denial of service (CPU consumption) via large GET requests, possibly due to a buffer overflow. | |||||
| CVE-2002-1933 | 1 Microsoft | 1 Windows 2000 Terminal Services | 2025-04-03 | 7.2 HIGH | N/A |
| The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window. | |||||
| CVE-2004-0797 | 1 Zlib | 1 Zlib | 2025-04-03 | 2.1 LOW | N/A |
| The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash). | |||||
| CVE-2005-4744 | 1 Freeradius | 1 Freeradius | 2025-04-03 | 6.4 MEDIUM | N/A |
| Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail. NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS. Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues. Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier. | |||||
| CVE-2005-1494 | 1 Megabook | 1 Megabook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in MegaBook 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) entryid or (2) password parameter. | |||||
| CVE-2004-0311 | 1 Apc | 1 Ap9606 | 2025-04-03 | 10.0 HIGH | N/A |
| American Power Conversion (APC) Web/SNMP Management SmartSlot Card 3.0 through 3.0.3 and 3.21 are shipped with a default password of TENmanUFactOryPOWER, which allows remote attackers to gain unauthorized access. | |||||
| CVE-2005-4059 | 1 Locazo | 1 Locazolist | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter. | |||||
| CVE-2005-2484 | 1 Denora Irc Stats | 1 Denora Irc Stats | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the rdb_query function for Denora IRC Stats 1.0 might allow attackers to execute arbitrary code. | |||||
| CVE-2003-0973 | 1 Apache | 1 Mod Python | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string. | |||||
| CVE-2000-0873 | 1 Ibm | 1 Aix | 2025-04-03 | 2.1 LOW | N/A |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | |||||
| CVE-2005-4304 | 1 Indexcor | 1 Ezdatabase | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php in ezDatabase 2.1.2 and earlier allows remote attackers to obtain sensitive information via an invalid cat_id parameter, which leaks the full pathname in an error message. NOTE: these details are uncertain because the original report has terminology problems and lack of relevant details. The description is based partially on feedback comments. | |||||
| CVE-2002-0971 | 3 Att, Tightvnc, Tridia | 3 Winvnc Server, Tightvnc, Tridiavnc | 2025-04-03 | 4.6 MEDIUM | N/A |
| Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box. | |||||
| CVE-2006-3245 | 1 Mvnforum | 1 Mvnforum | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in activatemember in mvnForum 1.0 GA and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) member and (2) activatecode parameters. | |||||
| CVE-2002-2140 | 1 Cisco | 1 Pix Firewall Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS. | |||||
| CVE-2002-1325 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability." | |||||
| CVE-2004-2344 | 1 Vocaltec | 2 Vgw120 Telephony Gateway, Vgw480 Telephony Gateway | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec VGW120 and VGW480 allows remote attackers to cause a denial of service. | |||||
| CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2025-04-03 | 7.2 HIGH | N/A |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | |||||
| CVE-2006-4631 | 1 Softbb | 1 Softbb | 2025-04-03 | 6.5 MEDIUM | N/A |
| Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request. | |||||