Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2025-04-03 | 7.2 HIGH | 7.8 HIGH |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. | |||||
| CVE-1999-0347 | 2025-04-03 | 10.0 HIGH | N/A | ||
| Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character. | |||||
| CVE-2005-2956 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | 5.0 MEDIUM | N/A |
| ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain user chat conversations via direct requests to those files. | |||||
| CVE-2005-4057 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to inject arbitrary web script or HTML via the (1) Location, (2) Last Name, and (3) First Name parameters. | |||||
| CVE-2005-3874 | 1 Weaverslave | 1 Netzbrett | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in netzbr.php in Netzbrett 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the p_entry parameter in an entry command to index.php. | |||||
| CVE-2005-0236 | 1 Omnigroup | 1 Omniweb | 2025-04-03 | 5.0 MEDIUM | N/A |
| The International Domain Name (IDN) support in Omniweb 5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
| CVE-2002-0330 | 1 Openbb | 1 Openbb | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag. | |||||
| CVE-2006-3604 | 1 Seyeon | 1 Flexwatch Network Camera | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for (1) admin/aindex.asp or (2) admin/aindex.html via a .. (dot dot) and encoded / (%2f) sequence in the URL. | |||||
| CVE-2001-0752 | 1 Cisco | 1 Cbos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. | |||||
| CVE-2005-3544 | 1 Xmb Forum | 1 Xmb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | |||||
| CVE-2004-0032 | 1 Phpgedview | 1 Phpgedview | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter. | |||||
| CVE-2001-0007 | 1 Netscreen | 1 Screen Os | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface. | |||||
| CVE-1999-0717 | 1 Microsoft | 5 Excel, Windows 2000, Windows 95 and 2 more | 2025-04-03 | 2.6 LOW | N/A |
| A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | |||||
| CVE-2006-4221 | 1 Ibm | 1 Egatherer | 2025-04-03 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the IBM Access Support eGatherer ActiveX control before 3.20.0284.0 allows remote attackers to execute arbitrary code via a long filename parameter to the RunEgatherer method. | |||||
| CVE-2001-0898 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via about:cache. | |||||
| CVE-2001-1569 | 1 Cmg | 1 Openwave Wap Gateway | 2025-04-03 | 6.4 MEDIUM | N/A |
| Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack. | |||||
| CVE-1999-1084 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 4.6 MEDIUM | N/A |
| The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. | |||||
| CVE-2006-3790 | 1 Ufo2000 | 1 Ufo2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service (daemon termination) via a keysize or valsize that is inconsistent with the packet size, which leads to a buffer over-read. | |||||
| CVE-2005-2081 | 1 Digium | 1 Asterisk | 2025-04-03 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character. | |||||
| CVE-2005-2511 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window. | |||||