Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4567 | 1 Floosietek | 1 Ftgate | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.fts, or the param1 parameter to (2) /domains/index.fts, (3) /config/licence.fts, or (4) /config/systemacl.fts. | |||||
| CVE-2006-4072 | 1 Club-nuke | 1 Club-nuke | 2025-04-03 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 allow remote attackers to execute arbitrary SQL commands via the (1) haber_id parameter to haber_detay.asp, and allow remote authenticated users to execute arbitrary SQL commands via the (2) menu_id parameter to menu.asp. | |||||
| CVE-2005-2518 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication. | |||||
| CVE-1999-0071 | 1 Apache | 1 Http Server | 2025-04-03 | 7.5 HIGH | N/A |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | |||||
| CVE-2006-3189 | 1 Hotplug Cms | 1 Hotplug Cms | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-2005-0002 | 1 Gentoo | 1 Poppassd Pam | 2025-04-03 | 10.0 HIGH | N/A |
| poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users. | |||||
| CVE-2005-1338 | 1 Apple | 1 Mac Os X | 2025-04-03 | 4.6 MEDIUM | N/A |
| Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext. | |||||
| CVE-2006-3634 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash). | |||||
| CVE-2005-1556 | 1 Gamespy | 1 Gamespy Sdk Cd-key Validation Toolkit | 2025-04-03 | 5.0 MEDIUM | N/A |
| Gamespy cd-key validation system allows remote attackers to cause a denial of service (cd-key already in use) by capturing and replaying a cd-key authorization session. | |||||
| CVE-1999-0699 | 1 Bluestone | 1 Sapphire Web | 2025-04-03 | 7.5 HIGH | N/A |
| The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs. | |||||
| CVE-2005-4215 | 1 Motorola | 1 Motorola Cable Modem | 2025-04-03 | 7.8 HIGH | N/A |
| Motorola SB5100E Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). | |||||
| CVE-2006-3112 | 1 Chipmailer | 1 Chipmailer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Chipmailer 1.09 allows remote attackers to obtain sensitive information via a direct request to php.php, which displays the output of the phpinfo function. | |||||
| CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2025-04-03 | 7.2 HIGH | N/A |
| expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | |||||
| CVE-2006-1139 | 1 Xerox | 12 Copycentre C65, Copycentre C65 Firmware, Copycentre C75 and 9 more | 2025-04-03 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the ESS/ Network Controller in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, causes the Immediate Image Overwrite feature to fail after a power loss, which could leave data exposed to attack. | |||||
| CVE-2005-1764 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service. | |||||
| CVE-1999-0938 | 1 University College London | 1 Sdr | 2025-04-03 | 7.5 HIGH | N/A |
| MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. | |||||
| CVE-1999-1469 | 1 Hughes Technologies | 1 W3-auth | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header. | |||||
| CVE-2002-1937 | 1 Symantec | 3 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r | 2025-04-03 | 5.0 MEDIUM | N/A |
| Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password. | |||||
| CVE-2002-0133 | 1 Avirt | 3 Avirt Gateway, Avirt Gateway Suite, Avirt Soho | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy. | |||||
| CVE-2006-1446 | 1 Apple | 1 Mac Os X | 2025-04-03 | 5.0 MEDIUM | N/A |
| Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked. | |||||