Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1189 | 1 Webcamxp | 1 Webcamxp Pro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and earlier allows remote attackers to inject arbitrary web script or HTML via the chat name, as demonstrated by using an IFRAME to redirect users to other sites. | |||||
| CVE-2002-0986 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy." | |||||
| CVE-2004-1859 | 1 Trend Micro | 1 Interscan Viruswall For Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2000-0253 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2025-04-03 | 10.0 HIGH | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2006-1777 | 1 Simplog | 1 Simplog | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php. | |||||
| CVE-2002-0314 | 3 Fasttrack, Grokster, Music City Networks | 3 Kazaa, Grokster, Morpheus | 2025-04-03 | 5.0 MEDIUM | N/A |
| fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message. | |||||
| CVE-2006-1809 | 1 Lifetype | 1 Lifetype | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php in Lifetype 1.0.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which reveals the path in an error message. | |||||
| CVE-2003-1159 | 1 Plug And Play | 1 Plug And Play Web Server Proxy | 2025-04-03 | 5.0 MEDIUM | N/A |
| Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080. | |||||
| CVE-2006-3689 | 1 Codeworks | 1 Gnomedia Subberz | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in user-func.php in Codeworks Gnomedia SubberZ[Lite] allows remote attackers to execute arbitrary PHP code via a URL in the myadmindir parameter. NOTE: this issue has been disputed by a third party that claims that " the myadmindir variable is set before any GET variables are processed. | |||||
| CVE-2006-0350 | 1 Epic Designs | 1 Eggblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field to topic.php. | |||||
| CVE-2003-0659 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application. | |||||
| CVE-2002-1780 | 1 Alcatech Gmbh | 1 Bpm Studio Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
| BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves. | |||||
| CVE-2006-0172 | 1 Hummingbird | 1 Enterprise Collaboration | 2025-04-03 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML in an uploaded page, which is published without a check for hostile scripting. | |||||
| CVE-2006-1178 | 1 Tamarack Consulting | 1 Tamarack Mmsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Tamarack MMSd before 7.992 allows remote attackers to cause a denial of service (crash) via malformed RFC1006 (OSI over TCP/IP) packets. | |||||
| CVE-2006-4676 | 1 Tibco | 1 Rendezvous | 2025-04-03 | 1.2 LOW | N/A |
| TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file. | |||||
| CVE-2000-0865 | 1 Tridia | 1 Doublevision | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows local users to gain root privileges via a long terminal type argument. | |||||
| CVE-2005-2536 | 1 Pstotext | 1 Pstotext | 2025-04-03 | 7.5 HIGH | N/A |
| pstotext before 1.8g does not properly use the "-dSAFER" option when calling Ghostscript to extract plain text from PostScript and PDF files, which allows remote attackers to execute arbitrary commands via a malicious PostScript file. | |||||
| CVE-1999-0203 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | 10.0 HIGH | N/A |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. | |||||
| CVE-1999-0781 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
| KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | |||||
| CVE-2004-2527 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 5.4 MEDIUM | N/A |
| The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running. | |||||