Total: 29560 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-1046 | 1 Lotus | 1 Domino | 2025-04-03 | 10.0 HIGH | N/A |
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands. | |||||
CVE-2005-2316 | 1 Dnrd | 1 Dnrd | 2025-04-03 | 5.0 MEDIUM | N/A |
Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to cause a denial of service (infinite recursion) via a DNS packet that uses message compression in the QNAME and two pointers that point to each other (circular buffer). | |||||
CVE-2006-3189 | 1 Hotplug Cms | 1 Hotplug Cms | 2025-04-03 | 5.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
CVE-1999-0224 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
Denial of service in Windows NT messenger service through a long username. | |||||
CVE-2005-2468 | 1 Mysql | 1 Eventum | 2025-04-03 | 6.4 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php. | |||||
CVE-2000-1149 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to execute arbitrary commands via a long username, aka the "Terminal Server Login Buffer Overflow" vulnerability. | |||||
CVE-2006-1412 | 1 Tft Gallery | 1 Tft Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
TFT Gallery 0.10 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the admin password file and obtain password hashes via a direct request to admin/passwd. | |||||
CVE-2005-2749 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 2.1 LOW | N/A |
Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability. | |||||
CVE-1999-0865 | 1 Stalker | 1 Communigate Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port. | |||||
CVE-2002-1732 | 1 Actinic | 1 Actinic Catalog | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string argument to certain .pl files, (2) the REFPAGE parameter to ca000007.pl, (3) PRODREF parameter to ss000007.pl, or (4) hop parameter to ca000001.pl. | |||||
CVE-2005-2998 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2025-04-03 | 7.5 HIGH | N/A |
PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files. | |||||
CVE-2006-3608 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | 4.6 MEDIUM | N/A |
The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file. | |||||
CVE-2004-1696 | 1 Emulive | 1 Server4 | 2025-04-03 | 5.0 MEDIUM | N/A |
EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (application crash) via a sequence of carriage returns sent to TCP port 66. | |||||
CVE-2003-1279 | 1 Insightful | 1 S-plus | 2025-04-03 | 4.6 MEDIUM | N/A |
S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html. | |||||
CVE-2002-0765 | 1 Openbsd | 2 Openbsd, Openssh | 2025-04-03 | 7.5 HIGH | N/A |
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password. | |||||
CVE-2002-0940 | 1 Ncipher | 1 Mscapi Csp | 2025-04-03 | 4.6 MEDIUM | N/A |
domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | |||||
CVE-2005-3072 | 1 Interchange Development Group | 1 Interchange | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
CVE-1999-0221 | 1 Lucent | 1 Ascend Routers | 2025-04-03 | 5.0 MEDIUM | N/A |
Denial of service of Ascend routers through port 150 (remote administration). | |||||
CVE-2002-0598 | 1 Foundstone | 1 Fscan | 2025-04-03 | 7.5 HIGH | N/A |
Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner. | |||||
CVE-2002-0487 | 1 Workforceroi | 1 Xpede | 2025-04-03 | 4.6 MEDIUM | N/A |
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache. | |||||