Total
29554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4471 | 1 Avaya | 1 Modular Messaging Message Storage Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted packets. | |||||
| CVE-2006-4436 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection. | |||||
| CVE-2001-1518 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 2.1 LOW | N/A |
| RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability. | |||||
| CVE-2005-0553 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 5.1 MEDIUM | N/A |
| Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". | |||||
| CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 7.5 HIGH | N/A |
| The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | |||||
| CVE-2005-0185 | 1 Mnet Soft Factory | 1 Nodemanager Professional | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field. | |||||
| CVE-2006-4940 | 1 Moodle | 1 Moodle | 2025-04-03 | 5.0 MEDIUM | N/A |
| login/forgot_password.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive information (e-mail addresses and Moodle account names) via a find action. | |||||
| CVE-2003-0496 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2025-04-03 | 7.2 HIGH | N/A |
| Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file. | |||||
| CVE-2001-1152 | 1 Baltimore Technologies | 1 Websweeper | 2025-04-03 | 7.5 HIGH | N/A |
| Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parentdir, (3) a /./, or (4) URL-encoded characters. | |||||
| CVE-2004-2002 | 1 Sgi | 1 Irix | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet. | |||||
| CVE-2005-0860 | 1 The Rusted Gate | 1 Trg News | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in TRG News Script 3.0 allows remote attackers to execute arbitrary PHP code via the dir parameter to (1) article.php, (2) authorall.php, (3) comment.php, (4) display.php, or (5) displayall.php. | |||||
| CVE-2005-2123 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format images that lead to heap-based buffer overflows, as demonstrated using MRBP16::bCheckRecord. | |||||
| CVE-2006-2631 | 1 Phpfox | 1 Phpfox | 2025-04-03 | 4.0 MEDIUM | N/A |
| phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the phpfox_user parameter. | |||||
| CVE-2006-3270 | 1 Thorcms | 1 Thorcms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cms_admin.php in THoRCMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via multiple unspecified parameters, such as the add_link_mid parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | |||||
| CVE-2004-2470 | 1 Madbms | 1 Madbms | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact and attack vectors, related to logins. | |||||
| CVE-1999-1027 | 1 Sun | 1 Solaris | 2025-04-03 | 7.2 HIGH | N/A |
| Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. | |||||
| CVE-2004-1172 | 1 Symantec Veritas | 1 Backup Exec | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname. | |||||
| CVE-2006-0538 | 1 Ciphertrust | 1 Ironmail | 2025-04-03 | 2.6 LOW | N/A |
| CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections. | |||||
| CVE-2005-0381 | 1 Forumkit | 1 Forumkit | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter. | |||||
| CVE-2003-0619 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. | |||||