Total
29554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1093 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. | |||||
| CVE-2006-2791 | 1 Net Art Media | 1 Iboutique.mall | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in iBoutique.MALL and possibly iBoutique allows remote attackers to read arbitrary files via ".." sequences in the function parameter. | |||||
| CVE-2000-0462 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
| ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. | |||||
| CVE-2005-3477 | 1 Invision Power Services | 1 Invision Gallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML or script in an image whose type does not match its extension, which is rendered by Internet Explorer due to CVE-2005-3312. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in Invision Gallery. | |||||
| CVE-2002-0920 | 1 Cgiscript.net | 1 Cspassword | 2025-04-03 | 5.1 MEDIUM | N/A |
| CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed. | |||||
| CVE-2002-0982 | 1 Microsoft | 1 Sql Server | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure. | |||||
| CVE-2005-0701 | 1 Oracle | 1 Database Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename. | |||||
| CVE-2002-0060 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
| IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions. | |||||
| CVE-2006-3717 | 1 Oracle | 1 E-business Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS03 and (2) APPS04 for Oracle Application Object Library; and (3) APPS20 for Oracle XML Gateway. | |||||
| CVE-2001-0088 | 1 Jason Hines | 1 Phpweblog | 2025-04-03 | 7.5 HIGH | N/A |
| common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog. | |||||
| CVE-2006-3951 | 1 Mam-moodle Alpha Component | 1 Mam-moodle Alpha Component | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in moodle.php in Mam-moodle alpha component (com_moodle) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2001-0896 | 1 Sco | 1 Openserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO. | |||||
| CVE-2000-0924 | 1 Armada Design | 1 Master Index | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter. | |||||
| CVE-2006-4218 | 1 Zen Cart | 1 Zen Cart | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allows remote attackers to include and possibly execute arbitrary local files via directory traversal sequences in the typefilter parameter. | |||||
| CVE-1999-0458 | 1 L0pht | 1 L0phtcrack | 2025-04-03 | 2.1 LOW | N/A |
| L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information. | |||||
| CVE-1999-0330 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
| Linux bdash game has a buffer overflow that allows local users to gain root access. | |||||
| CVE-1999-1281 | 1 Winddance Networks Corporation | 1 Breeze Network Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program. | |||||
| CVE-2004-2354 | 2 Francisco Burzi, Warpspeed | 2 Php-nuke, 4nguestbook | 2025-04-03 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered. | |||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2025-04-03 | 7.5 HIGH | N/A |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. | |||||
| CVE-2002-0556 | 1 Deep Forest Software | 1 Quik-serv Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||