Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2063 | 1 Antiboard | 1 Antiboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to inject arbitrary HTML or web script via the feedback parameter. | |||||
| CVE-2002-1534 | 1 Macromedia | 1 Flash Player | 2025-04-03 | 5.0 MEDIUM | N/A |
| Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share. | |||||
| CVE-2006-2074 | 1 Juniper | 1 Junose | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS "client code," as demonstrated by the OUSPG PROTOS DNS test suite. | |||||
| CVE-2005-0425 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine. | |||||
| CVE-2006-2639 | 1 Phpsimplechoose | 1 Phpsimplechoose | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the input forms in prattmic and Master5006 PHPSimpleChoose 0.3 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. | |||||
| CVE-2006-0933 | 1 Phpx | 1 Phpx | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a url XCode tag in a posted message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2001-1437 | 1 Easyscripts | 1 Easynews | 2025-04-03 | 7.5 HIGH | N/A |
| easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out. | |||||
| CVE-2004-2585 | 1 Smartertools | 1 Smartermail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the "check spelling" feature in the compose area. | |||||
| CVE-1999-0361 | 2025-04-03 | 10.0 HIGH | N/A | ||
| NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging. | |||||
| CVE-2003-0344 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | |||||
| CVE-2006-2434 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in WebSphere 5.1.1 (or any earlier cumulative fix) Common Configuration Mode + CommonArchive and J2EE Models might allow attackers to obtain sensitive information via the trace. | |||||
| CVE-2001-0788 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header. | |||||
| CVE-2005-3367 | 1 Sparkleblog | 1 Sparkleblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in journal.php in SparkleBlog 2.1 allows remote attackers to inject arbitrary web script or HTML via the name field. | |||||
| CVE-1999-1247 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges. | |||||
| CVE-1999-1216 | 1 Cisco | 1 Router | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command. | |||||
| CVE-1999-0630 | 2025-04-03 | 10.0 HIGH | N/A | ||
| The NT Alerter and Messenger services are running. | |||||
| CVE-2006-1115 | 1 Ncipher | 3 Chil, Mscapi Csp, Ncipher Software Cd | 2025-04-03 | 2.6 LOW | N/A |
| nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/private key pair without any specified DiscreteLogGroup parameters, chooses random parameters that could allow an attacker to crack the private key in significantly less time than a brute force attack. | |||||
| CVE-2006-2003 | 1 Community Architect | 1 Community Architect Guestbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/guest in Community Architect Guestbook allows remote attackers to inject arbitrary web script or HTML by signing the guestbook, which is displayed by fsguestbook.html. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-1128 | 1 Virtual Hosting Control System | 1 Virtual Hosting Control System | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries. | |||||
| CVE-2006-0456 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors. | |||||