Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2517 | 1 Fujitsu | 1 Myweb Portal Office | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MyWeb Portal Office, Standard Edition, Public Edition, Medical Edition, Citizen Edition, School Edition, and Light Edition allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | |||||
| CVE-2004-0381 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 2.1 LOW | N/A |
| mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | |||||
| CVE-2006-3033 | 1 Myscrapbook | 1 Myscrapbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MyScrapbook 3.1 allows remote attackers to inject arbitrary web script or HTML via the input box in singlepage.php when submitting scrapbook pages. | |||||
| CVE-1999-0966 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. | |||||
| CVE-2005-0611 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2025-04-03 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | |||||
| CVE-2001-1227 | 1 Zope | 1 Zope | 2025-04-03 | 7.5 HIGH | N/A |
| Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. | |||||
| CVE-2001-0470 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name. | |||||
| CVE-2000-0175 | 1 Sun | 1 Staroffice | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. | |||||
| CVE-2000-1170 | 1 Pelesoft | 1 Netsnap | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remote attackers to execute arbitrary commands via a long GET request. | |||||
| CVE-2002-1004 | 1 Argosoft | 1 Argosoft Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. | |||||
| CVE-2006-2307 | 1 Website Baker | 1 Website Baker | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Website Baker CMS before 2.6.4 allows remote attackers to inject arbitrary web script or HTML via a user display name. | |||||
| CVE-2000-0423 | 1 Netwin | 1 Dnews | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag. | |||||
| CVE-2004-0674 | 1 Enterasys | 3 Xsr-1805, Xsr-1850, Xsr-3000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record route option set. | |||||
| CVE-2004-2138 | 1 Allwebscripts | 1 Mysqlguest | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field. | |||||
| CVE-2005-1806 | 1 Peercast | 1 Peercast | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL. | |||||
| CVE-2004-0723 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | 6.4 MEDIUM | N/A |
| Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." | |||||
| CVE-2005-2043 | 1 Xampp | 1 Apache Distribution | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php. | |||||
| CVE-2005-0898 | 1 Magicscripts | 1 E-store Kit-2 | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in downloadform.php in E-Store Kit-2 PayPal Edition allows remote attackers to inject arbitrary web script or HTML via the txn_id parameter. | |||||
| CVE-2001-1081 | 2 Lucent, Simon Horms | 2 Radius, Radius | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. | |||||
| CVE-2005-2152 | 1 Geeklog | 1 Geeklog | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Geeklog before 1.3.11 allows remote attackers to execute arbitrary SQL commands via user comments for an article. | |||||