Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1373 | 1 Zonelabs | 1 Zonealarm | 2025-04-03 | 5.0 MEDIUM | N/A |
| MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments. | |||||
| CVE-2002-2003 | 1 Compaq | 1 Tru64 | 2025-04-03 | 5.0 MEDIUM | N/A |
| ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap. | |||||
| CVE-2002-1018 | 1 Adobe | 1 Adobe Content Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times. | |||||
| CVE-2006-2684 | 1 Hotwebscripts | 1 Cms Mundo | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the search module in CMS Mundo 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. | |||||
| CVE-2003-0274 | 1 Cren | 1 Listproc | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. | |||||
| CVE-2005-2592 | 1 Parlano | 1 Mindalign | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors. | |||||
| CVE-2006-4474 | 1 Joomla | 1 Joomla | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search. | |||||
| CVE-2005-0125 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user. | |||||
| CVE-2004-0567 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." | |||||
| CVE-2002-2040 | 1 Qnx | 1 Rtos | 2025-04-03 | 7.2 HIGH | N/A |
| The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program. | |||||
| CVE-1999-0309 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| HP-UX vgdisplay program gives root access to local users. | |||||
| CVE-2005-4704 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through SP6, and 6.1 through SP7, when SSL is intended to be used, causes an unencrypted protocol to be used in certain unspecified circumstances, which causes user credentials to be sent across the network in cleartext and allows remote attackers to gain privileges. | |||||
| CVE-2003-0020 | 1 Apache | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. | |||||
| CVE-2006-4437 | 1 Venture Nine | 1 Tagger Le | 2025-04-03 | 7.5 HIGH | N/A |
| Eval injection vulnerability in Tagger LE allows remote attackers to execute arbitrary PHP code via the query string in (1) tags.php, (2) sign.php, and (3) admin/index.php. | |||||
| CVE-2002-1804 | 1 Npds | 1 Npds | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
| CVE-2002-1628 | 1 Mike Spice | 1 Mikes Vote Cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the type parameter. | |||||
| CVE-2006-1546 | 1 Apache | 1 Struts | 2025-04-03 | 7.5 HIGH | N/A |
| Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check. | |||||
| CVE-2005-1444 | 1 Sitepanel | 1 Sitepanel | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to inject arbitrary web script or HTML via (1) the v, show, or sec_name parameters to main.php, (2) the inadmin, newsev, or postid parameters to 5.php, or (3) the id parameter to 0.php. | |||||
| CVE-1999-0170 | 1 Digital | 1 Ultrix | 2025-04-03 | 7.5 HIGH | N/A |
| Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. | |||||
| CVE-2005-0737 | 1 Yahoo | 1 Messenger | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode. | |||||