Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3492 | 1 Johannes F. Kuhlmann | 1 Flatfrag | 2025-04-03 | 5.0 MEDIUM | N/A |
| FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference. | |||||
| CVE-2001-1022 | 2 Gnu, Jgroff | 2 Groff, Jgroff | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | |||||
| CVE-2006-4138 | 1 Microsoft | 1 Help File Viewer | 2025-04-03 | 7.6 HIGH | N/A |
| Multiple unspecified vulnerabilities in Microsoft Windows Help File viewer (winhlp32.exe) allow user-assisted attackers to execute arbitrary code via crafted HLP files. | |||||
| CVE-2006-3141 | 1 Dpivision | 1 Tradingeye Shop | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter. | |||||
| CVE-2006-1482 | 1 Conftool | 1 Conftool | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-1999-0492 | 2025-04-03 | 10.0 HIGH | N/A | ||
| The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. | |||||
| CVE-2006-3267 | 1 Infinite Core Technologies | 1 Ict | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Infinite Core Technologies (ICT) 1.0 Gold and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. | |||||
| CVE-2006-1579 | 1 Dbbs | 1 Dbbs | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter. | |||||
| CVE-2001-1436 | 1 Dallas Semiconductor | 1 Ibutton | 2025-04-03 | 4.6 MEDIUM | N/A |
| Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password. | |||||
| CVE-2000-1048 | 1 Qbik | 1 Wingate | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL. | |||||
| CVE-2005-0846 | 1 Netwin | 1 Surgemail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field. | |||||
| CVE-2005-2831 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127. | |||||
| CVE-2005-2258 | 1 Squitosoft | 1 Squito Gallery | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in photolist.inc.php in Squito Gallery 1.33 allows remote attackers to execute arbitrary code via the photoroot parameter. | |||||
| CVE-2002-0642 | 1 Microsoft | 2 Msde, Sql Server | 2025-04-03 | 7.2 HIGH | N/A |
| The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Permission on SQL Server Service Account Registry Key." | |||||
| CVE-2006-3598 | 1 Php-nuke | 1 Sections Module | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op. | |||||
| CVE-2001-1369 | 1 Leon J Breedt | 1 Pam-pgsql | 2025-04-03 | 7.5 HIGH | N/A |
| Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields. | |||||
| CVE-1999-0464 | 1 Tripwire | 1 Tripwire | 2025-04-03 | 2.1 LOW | N/A |
| Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. | |||||
| CVE-2004-0241 | 1 Qualiteam | 1 X-cart | 2025-04-03 | 10.0 HIGH | N/A |
| X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php. | |||||
| CVE-1999-0315 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris fdformat command gives root access to local users. | |||||
| CVE-1999-0423 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges. | |||||