Total
29554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0478 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. | |||||
| CVE-2005-4725 | 1 Geeklog | 1 Geeklog | 2025-04-03 | 7.5 HIGH | N/A |
| Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic by guessing the story ID. | |||||
| CVE-2005-2463 | 1 Kayako | 1 Liveresponse | 2025-04-03 | 6.4 MEDIUM | N/A |
| Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message. | |||||
| CVE-2005-4712 | 1 Php Handicapper | 1 Php Handicapper | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in process_signup.php in PHP Handicapper allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the login parameter. NOTE: the vendor has disputed CVE-2005-3497, and it is possible that the dispute was intended to include this issue as well. | |||||
| CVE-2004-2453 | 1 Tutti Nova | 1 Tutti Nova | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors. | |||||
| CVE-2006-2708 | 1 Secure Elements | 1 Class 5 Enterprise Vulnerability Management | 2025-04-03 | 5.0 MEDIUM | N/A |
| Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory via a modified size for (1) EM_GET_CE_PARAMETER and (2) EM_SET_CE_PARAMETER messages, which leads to a buffer overflow (probably an over-read). | |||||
| CVE-1999-1523 | 1 Sambar | 1 Sambar Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. | |||||
| CVE-1999-1551 | 1 Ipswitch | 1 Imail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2002-0076 | 3 Hp, Microsoft, Sun | 5 Java Jre-jdk, Virtual Machine, Jdk and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. | |||||
| CVE-1999-0593 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 4.9 MEDIUM | N/A |
| The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | |||||
| CVE-2001-0714 | 1 Sendmail | 1 Sendmail | 2025-04-03 | 2.1 LOW | N/A |
| Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS option. | |||||
| CVE-2002-0656 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. | |||||
| CVE-2001-0563 | 1 Electrosoft | 1 Electrocomm | 2025-04-03 | 5.0 MEDIUM | N/A |
| ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a remote attacker to create a denial of service via large (> 160000 character) strings sent to port 23. | |||||
| CVE-2005-2839 | 1 Maxdev | 1 Md-pro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via (1) dl-search.php or (2) wl-search.php. | |||||
| CVE-2004-2114 | 1 Internetnow | 1 Proxynow | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and earlier allow remote attackers to execute arbitrary code via a GET request with a long ftp:// URL. | |||||
| CVE-2002-1510 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 10.0 HIGH | N/A |
| xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | |||||
| CVE-2006-3062 | 1 Myphp Guestbook | 1 Myphp Guestbook | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in myPHP Guestbook 2.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | |||||
| CVE-2006-0255 | 1 Checkpoint | 1 Vpn-1 | 2025-04-03 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program. | |||||
| CVE-2004-0255 | 1 Xlight Ftp Server | 1 Xlight Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow. | |||||
| CVE-1999-0796 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.5 HIGH | N/A |
| FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. | |||||