Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2053 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. | |||||
| CVE-2006-3052 | 1 Cescripts | 4 Event Registration 2checkout, Event Registration Corporate, Event Registration Paypal and 1 more | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Event Registration allows remote attackers to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_events parameter to event-registration.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2004-0517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. | |||||
| CVE-2005-3870 | 1 Edmobbs | 1 Edmobbs | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in edmobbs9r.php in edmoBBS 0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) table and (2) messageID parameters. | |||||
| CVE-2006-1813 | 1 Phpwebftp | 1 Phpwebftp | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in phpWebFTP 3.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter. | |||||
| CVE-2006-0227 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.6 LOW | N/A |
| Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors. | |||||
| CVE-2003-0046 | 1 Celestial Software | 1 Absolutetelnet | 2025-04-03 | 4.6 MEDIUM | N/A |
| AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||
| CVE-2004-0494 | 2 Avaya, Redhat | 4 Cvlan, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI. | |||||
| CVE-2001-1229 | 2 Icecast, Libshout | 2 Icecast, Libshout | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | |||||
| CVE-2006-4913 | 1 Alstrasoft | 1 E-friends | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in chat/getStartOptions.php in AlstraSoft E-friends 4.85 allows remote attackers to include arbitrary local files and possibly execute arbitrary code via a .. (dot dot) sequence and trailing null (%00) byte in the lang parameter, as demonstrated by injecting PHP code into a log file. | |||||
| CVE-2006-4246 | 1 Usermin | 1 Usermin | 2025-04-03 | 3.6 LOW | N/A |
| Usermin before 1.220 (20060629) allows remote attackers to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user. | |||||
| CVE-1999-0885 | 1 Computer Software Manufaktur | 1 Alibaba | 2025-04-03 | 3.6 LOW | N/A |
| Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL. | |||||
| CVE-2005-4144 | 1 Lyris | 1 List Manager | 2025-04-03 | 7.5 HIGH | N/A |
| Lyris ListManager 5.0 through 8.9a allows remote attackers to add "ORDER BY" columns to SQL queries via unusual whitespace characters in the orderby parameter, such as (1) newlines and (2) 0xFF (ASCII 255) characters, which are interpreted as whitespace. | |||||
| CVE-2004-1003 | 1 Trend Micro | 1 Scanmail Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
| Trend ScanMail allows remote attackers to obtain potentially sensitive information or disable the anti-virus capability via the smency.nsf file. | |||||
| CVE-2006-2065 | 1 Phpsurveyor | 1 Phpsurveyor | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in save.php in PHPSurveyor 0.995 and earlier allows remote attackers to execute arbitrary SQL commands via the surveyid cookie. NOTE: this issue could be leveraged to execute arbitrary PHP code, as demonstrated by inserting directory traversal sequences into the database, which are then processed by the thissurvey['language'] variable. | |||||
| CVE-1999-0784 | 1 Oracle | 1 Database Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP. | |||||
| CVE-2005-3697 | 1 Uresk Links | 1 Uresk Links | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php. | |||||
| CVE-2005-0534 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script. | |||||
| CVE-2003-0062 | 1 Eset Software | 1 Nod32 Antivirus | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. | |||||
| CVE-2002-1585 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic. | |||||