Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4753 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, in certain "heavy usage" scenarios, report incorrect severity levels for an audit event, which might allow attackers to perform unauthorized actions and avoid detection. | |||||
| CVE-2005-3414 | 1 Eyeos Project | 1 Eyeos | 2025-04-03 | 7.5 HIGH | N/A |
| eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which allows remote attackers to obtain user credentials. | |||||
| CVE-2000-0194 | 1 Corel | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. | |||||
| CVE-2004-1502 | 1 Software602 | 1 602lan Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (socket exhaustion) via a Telnet request to an IP address of the proxy's network interface, which causes a loop. | |||||
| CVE-2002-1048 | 1 Hp | 1 Jetdirect | 2025-04-03 | 7.5 HIGH | N/A |
| HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0. | |||||
| CVE-2004-0143 | 1 Nokia | 1 6310i | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in Nokia 6310(i) Mobile phones allow remote attackers to cause a denial of service (reset) via malformed Bluetooth OBject EXchange (OBEX) messages, probably triggering buffer overflows. | |||||
| CVE-2003-0430 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value. | |||||
| CVE-2002-0298 | 1 Nombas | 1 Scriptease Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character. | |||||
| CVE-2002-0148 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page. | |||||
| CVE-2004-1169 | 1 Mysql | 1 Maxdb | 2025-04-03 | 5.0 MEDIUM | N/A |
| MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference. | |||||
| CVE-2001-0181 | 1 Caldera | 3 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. | |||||
| CVE-2005-3340 | 1 New Breed Software | 1 Tux Paint | 2025-04-03 | 7.2 HIGH | N/A |
| The tuxpaint-import.sh script in Tux Paint (tuxpaint) 0.9.14 and earlier creates temporary files insecurely, with unknown impact and attack vectors. | |||||
| CVE-2003-0024 | 1 Aterm | 1 Aterm | 2025-04-03 | 7.5 HIGH | N/A |
| The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | |||||
| CVE-2001-0575 | 1 Sco | 1 Openserver | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut. | |||||
| CVE-2005-0319 | 1 Alt-n | 1 Webadmin | 2025-04-03 | 4.3 MEDIUM | N/A |
| Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks. | |||||
| CVE-2002-1600 | 1 Mike Spice | 1 My Classifieds | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Mike Spice's My Classifieds (classifieds.cgi) before 1.3 allows remote attackers to overwrite arbitrary files via the category parameter. | |||||
| CVE-2005-2363 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the (1) SMPP dissector, (2) 802.3 dissector, (3) DHCP, (4) MEGACO dissector, or (5) H1 dissector in Ethereal 0.8.15 through 0.10.11 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
| CVE-2004-2139 | 1 Yabb | 1 Yabb | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl. | |||||
| CVE-2005-4191 | 1 Horde | 1 Nag Task List Manager H3 | 2025-04-03 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in templates/tasklists/tasklists.inc in Horde Nag Task List Manager H3 before 2.0.4 allow remote authenticated users to inject arbitrary web script or HTML via (1) the tasklist's name or (2) description, when creating a new tasklist. | |||||
| CVE-2006-2946 | 1 Dmx Forum | 1 Dmx Forum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information. | |||||