Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1474 | 1 Hp | 1 Tru64 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service. | |||||
| CVE-2002-2065 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | 5.0 MEDIUM | N/A |
| WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root. | |||||
| CVE-2002-1287 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass. | |||||
| CVE-2000-0939 | 1 Samba | 1 Samba | 2025-04-03 | 5.0 MEDIUM | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart. | |||||
| CVE-2005-0323 | 1 Captaris | 1 Infinite Mobile Delivery Webmail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Infinite Mobile Delivery Webmail 2.6 allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
| CVE-2004-2091 | 1 Microsoft | 1 Baseline Security Analyzer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security. | |||||
| CVE-2006-4836 | 1 Codeworx Technologies | 1 Dcp-portal | 2025-04-03 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: The lostpassword.php and calendar.php vectors are already covered by CVE-2005-3365, and the search.php vector is already covered by CVE-2005-4227. | |||||
| CVE-2006-1413 | 1 Htmljunction | 1 Ezhomepagepro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) adid or (2) aname parameter in (a) common/email.asp, (b) users/users_search.asp, or (c) users/users_profiles.asp; (3) page parameter in (d) users/users_calendar.asp; (4) usid parameter in (e) users/users_mgallery.asp; or (5) m parameter in (f) users/users_search.asp. | |||||
| CVE-2002-1974 | 1 Sharp | 1 Zaurus | 2025-04-03 | 10.0 HIGH | N/A |
| The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows remote attackers to access the file system as root. | |||||
| CVE-1999-0056 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Sun's ping program can give root access to local users. | |||||
| CVE-2002-1124 | 1 Purity | 1 Purity | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables. | |||||
| CVE-2005-2245 | 1 F5 | 1 Tmos | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers to "subvert the authentication of SSL transactions," via unknown attack vectors, possibly involving NATIVE ciphers. | |||||
| CVE-2006-4462 | 1 Gonafish.com | 1 Linkscaffe | 2025-04-03 | 7.5 HIGH | N/A |
| Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to administrator functions, which allows remote attackers to gain full administration rights via a direct request to Admin/admin1953.php. | |||||
| CVE-2006-3005 | 1 Gentoo | 2 Linux, Media-libs Jpeg | 2025-04-03 | 5.0 MEDIUM | N/A |
| The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits. | |||||
| CVE-2004-2604 | 1 Phproxy | 1 Phproxy | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHProxy allows remote attackers to inject arbitrary web script or HTML via the error parameter. | |||||
| CVE-2006-0683 | 1 Virtual Hosting Control System | 1 Virtual Hosting Control System | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 with v.1 patch and earlier allows remote attackers to inject arbitrary web script or HTML via the username, which is recorded in a log file but not properly handled when the administrator uses the admin log utility to read the log file. | |||||
| CVE-2006-4096 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. | |||||
| CVE-2006-3215 | 1 Clearswift | 2 Mailsweeper For Exchange, Mailsweeper For Smtp | 2025-04-03 | 7.5 HIGH | N/A |
| Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the "text analysis", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set. | |||||
| CVE-2001-1053 | 1 Adcycle | 1 Adcycle | 2025-04-03 | 10.0 HIGH | N/A |
| AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument. | |||||
| CVE-2005-3741 | 1 Almondsoft | 1 Almond Classifieds | 2025-04-03 | 7.5 HIGH | N/A |
| Almond Classifieds does not properly verify the password, which allows attackers to bypass access restrictions. | |||||