Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1099 | 1 Sun | 1 Jdk | 2025-04-03 | 5.1 MEDIUM | N/A |
| Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities. | |||||
| CVE-2002-0878 | 1 Logisense | 2 Dns Manager System, Hawk-i | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote attackers to bypass authentication via SQL code in the password field. | |||||
| CVE-2003-0460 | 1 Apache | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service. | |||||
| CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | |||||
| CVE-2004-0573 | 1 Microsoft | 5 Frontpage, Office, Publisher and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. | |||||
| CVE-1999-0707 | 1 Hp | 2 Hp-ux, Visualize Conference Ftp | 2025-04-03 | 7.5 HIGH | N/A |
| The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization. | |||||
| CVE-2002-2091 | 1 Decfingerd | 1 Decfingerd | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Deception Finger Daemon, decfingerd, 0.7 may allow remote attackers to execute arbitrary code via the username of a finger request. | |||||
| CVE-2002-0940 | 1 Ncipher | 1 Mscapi Csp | 2025-04-03 | 4.6 MEDIUM | N/A |
| domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | |||||
| CVE-2001-0359 | 2 Sierra, Valve Software | 2 Half-life, Half-life Dedicated Server | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command. | |||||
| CVE-2000-0521 | 1 Michael Lamont | 1 Savant Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Savant web server allows remote attackers to read source code of CGI scripts via a GET request that does not include the HTTP version number. | |||||
| CVE-2002-2012 | 1 Apache | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. | |||||
| CVE-2005-3216 | 1 Sophos | 1 Sophos Anti-virus | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2005-2961 | 1 Prozilla | 1 Prozilla Download Accelerator | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag. | |||||
| CVE-2002-0705 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2025-04-03 | 7.5 HIGH | N/A |
| The Web Reports Server for SurfControl SuperScout WebFilter stores the "scwebusers" username and password file in a web-accessible directory, which allows remote attackers to obtain valid usernames and crack the passwords. | |||||
| CVE-2006-2184 | 1 Chadha Software Technologies | 1 Phpkb Knowledge Base | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base allows remote attackers to inject arbitrary web script or HTML via the searchkeyword parameter. NOTE: the issue was originally disputed by the vendor, but on 20060519, the vendor notified CVE that "We have fixed all the mentioned issues and now the search section of PHPKB script is free from any XSS issues." | |||||
| CVE-2006-4328 | 1 Cloudnine Interactive | 1 Links Manager | 2025-04-03 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in admin.php in CloudNine Interactive Links Manager 2006-06-12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the nick parameter. | |||||
| CVE-1999-0990 | 1 Gnome | 1 Gdm | 2025-04-03 | 2.1 LOW | N/A |
| Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system. | |||||
| CVE-2005-3577 | 1 Walla Telesite | 1 Walla Telesite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter. | |||||
| CVE-2004-2194 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | 5.0 MEDIUM | N/A |
| MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands. | |||||
| CVE-2005-3077 | 1 Microsoft | 1 Ie For Macintosh | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.2.3 for Mac OS allows remote attackers to cause a denial of service (crash) via a web page with malformed attributes in a BGSOUND tag, possibly involving double-quotes in an about: URI. | |||||