Total
29554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0633 | 1 Oracle | 2 Applications, E-business Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key. | |||||
| CVE-2005-4391 | 1 Mindroute Software | 1 Damoon | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in damoon allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the q parameter. | |||||
| CVE-2003-0794 | 1 Gnome | 1 Gdm | 2025-04-03 | 2.1 LOW | N/A |
| GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results. | |||||
| CVE-2000-0275 | 1 Cryptocard | 1 Cryptoadmin | 2025-04-03 | 2.1 LOW | N/A |
| CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. | |||||
| CVE-2004-2040 | 1 E107 | 1 E107 | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php. | |||||
| CVE-2005-3461 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.42 up to 8.45.17 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE01. | |||||
| CVE-2002-0245 | 1 Lotus | 1 Domino | 2025-04-03 | 7.5 HIGH | N/A |
| Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP 500 error, which leaks the server's version name in the HTTP error message. | |||||
| CVE-2004-0295 | 1 Transsoft | 1 Broker Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a denial of service (CPU consumption) via an open idle connection. | |||||
| CVE-2004-0466 | 1 Openconnect | 1 Webconnect | 2025-04-03 | 5.0 MEDIUM | N/A |
| WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote attackers to cause a denial of service (hang) via a URL containing an MS-DOS device name such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1. | |||||
| CVE-2005-4204 | 1 Logisphere | 1 Logisphere | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in LogiSphere 0.9.9j allows remote attackers to inject arbitrary Javascript via the msg command. NOTE: due to lack of appropriate details by the original researcher, it is unclear whether this issue is distinct from the msg DoS. | |||||
| CVE-2006-2397 | 1 Gphotos | 1 Gphotos | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) rep parameter to (a) index.php or (b) diapo.php or (2) image parameter to (c) affich.php. NOTE: item 1a might be resultant from directory traversal. | |||||
| CVE-2005-0763 | 1 Midnight Commander | 1 Midnight Commander | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code. | |||||
| CVE-2001-1541 | 1 Bsdi | 1 Bsd Os | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument. | |||||
| CVE-2005-0378 | 1 Horde | 1 Horde | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php. | |||||
| CVE-2006-4832 | 1 Verso Netperformer | 1 Frame Relay Access Device Act | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via a long username. | |||||
| CVE-2005-4592 | 1 Bogofilter | 1 Email Filter | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via words that are longer than the input buffer used by flex. | |||||
| CVE-2005-0072 | 1 Ejoy And Hu Yong | 1 Zhcon | 2025-04-03 | 2.1 LOW | N/A |
| zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files. | |||||
| CVE-1999-0234 | 5 Caldera, Redhat, Sgi and 2 more | 5 Openlinux, Linux, Irix and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Bash treats any character with a value of 255 as a command separator. | |||||
| CVE-2005-2361 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, (3) DOCSIS dissector, (4) SCTP graphs, (5) HTTP dissector, (6) DCERPC, (7) DHCP, (8) RADIUS dissector, (9) Telnet dissector, (10) IS-IS LSP dissector, or (11) NCP dissector in Ethereal 0.8.19 through 0.10.11 allows remote attackers to cause a denial of service (application crash or abort) via unknown attack vectors. | |||||
| CVE-2002-0630 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets. | |||||