Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2150 | 1 Juniper | 1 Netscreen Screenos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections. | |||||
| CVE-2006-4763 | 1 Ibm | 1 Lotus Domino Web Access | 2025-04-03 | 7.5 HIGH | N/A |
| IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentication token (LtpaToken) upon logout, which allows remote attackers to obtain a user's privileges by intercepting the LtpaToken cookie. | |||||
| CVE-2006-2992 | 1 My Photo Scrapbook | 1 My Photo Scrapbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in display.asp in My Photo Scrapbook 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the key_m parameter. | |||||
| CVE-2004-1286 | 1 Napshare | 1 Napshare | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the auto_filter_extern function in auto.c for NapShare 1.2, with the extern filter enabled, allows remote attackers to execute arbitrary code via a crafted gnutella response. | |||||
| CVE-1999-0186 | 1 Sun | 1 Solaris | 2025-04-03 | 10.0 HIGH | N/A |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. | |||||
| CVE-2001-0458 | 4 Debian, Mandrakesoft, Ralf S. Engelschall and 1 more | 4 Debian Linux, Mandrake Linux, Eperl and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. | |||||
| CVE-2002-0498 | 1 Etnus | 1 Totalview | 2025-04-03 | 4.6 MEDIUM | N/A |
| Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users. | |||||
| CVE-2006-4530 | 1 Membrepass | 1 Membrepass | 2025-04-03 | 7.5 HIGH | N/A |
| Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php. | |||||
| CVE-2004-0525 | 1 Hp | 1 Integrated Lights-out Firmware | 2025-04-03 | 5.0 MEDIUM | N/A |
| HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero. | |||||
| CVE-2001-1249 | 1 Vwebserver | 1 Vwebserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| vWebServer 1.2.0 allows remote attackers to cause a denial of service via a URL that contains MS-DOS device names. | |||||
| CVE-2004-1470 | 1 Snipsnap | 1 Snipsnap | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server. | |||||
| CVE-2001-0763 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. | |||||
| CVE-2003-1070 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash). | |||||
| CVE-2005-2324 | 1 Clever Copy | 1 Clever Copy | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the searchtype or searchterm parameters to (1) results.php or (2) categorysearch.php. | |||||
| CVE-2005-4372 | 1 Liquid Bytes Technologies | 1 Adaptive Website Framework | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in account.html in Adaptive Website Framework (AWF) 2.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2004-2004 | 1 Suse | 1 Suse Linux | 2025-04-03 | 10.0 HIGH | N/A |
| The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH. | |||||
| CVE-2005-4823 | 1 Hp | 1 Http Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2000-0612 | 1 Microsoft | 2 Windows 95, Windows 98 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table. | |||||
| CVE-2005-0961 | 1 Horde | 1 Application Framework | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title. | |||||
| CVE-2006-4022 | 1 Intel | 1 2100 Proset Wireless | 2025-04-03 | 4.6 MEDIUM | N/A |
| Intel 2100 PRO/Wireless Network Connection driver PROSet before 7.1.4.6 allows local users to corrupt memory and execute code via "requests for capabilities from higher-level protocol drivers or user-level applications" involving crafted frames, a different issue than CVE-2006-3992. | |||||