Total
29553 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0126 | 1 Multitech | 1 Routefinder 550 Vpn | 2025-04-03 | 7.5 HIGH | N/A |
| The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities. | |||||
| CVE-2006-4166 | 1 Tinywebgallery | 1 Tinywebgallery | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in TinyWebGallery 1.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the image parameter to (1) image.php or (2) image.php2. | |||||
| CVE-1999-0316 | 1 Sam Lantinga | 1 Splitvt | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Linux splitvt command gives root access to local users. | |||||
| CVE-1999-0506 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 7.2 HIGH | N/A |
| A Windows NT domain user or administrator account has a default, null, blank, or missing password. | |||||
| CVE-1999-0687 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | |||||
| CVE-2006-4338 | 1 Gzip | 1 Gzip | 2025-04-03 | 5.0 MEDIUM | N/A |
| unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive. | |||||
| CVE-2002-1887 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter. | |||||
| CVE-2002-1457 | 1 Leszek Krupinski | 1 L-forum | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter. | |||||
| CVE-2004-0483 | 1 Sgi | 1 Irix | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests. | |||||
| CVE-2002-0572 | 3 Freebsd, Openbsd, Sun | 4 Freebsd, Openbsd, Solaris and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. | |||||
| CVE-2002-1572 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 10.0 HIGH | N/A |
| Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors. | |||||
| CVE-2005-3535 | 1 Ketm | 1 Ketm | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors. | |||||
| CVE-2002-0115 | 1 Martin Roesch | 1 Snort | 2025-04-03 | 5.0 MEDIUM | N/A |
| Snort 1.8.3 does not properly define the minimum ICMP header size, which allows remote attackers to cause a denial of service (crash and core dump) via a malformed ICMP packet. | |||||
| CVE-2001-0523 | 1 Eeye Digital Security | 2 Secureiis, Securells | 2025-04-03 | 7.5 HIGH | N/A |
| eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected. | |||||
| CVE-2005-1609 | 1 Sun | 1 Storedge 6130 Arrays | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G and 0513AWF00J allows local users and remote attackers to delete data. | |||||
| CVE-2005-3095 | 1 Avi Alkalay | 1 Notify | 2025-04-03 | 7.5 HIGH | N/A |
| Avi Alkalay notify program, dated 19 Aug 2001, allows remote attackers to execute arbitrary commands via shell metacharacters in the from parameter. | |||||
| CVE-2006-1122 | 1 D2ksoft | 1 D2kblog | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-2006-2751 | 1 Open Searchable Image Catalogue | 1 Open Searchable Image Catalogue | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary web scripts or HTML via the item_list parameter in search.php. | |||||
| CVE-2002-1831 | 1 Microsoft | 1 Msn Messenger | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field. | |||||
| CVE-2002-0641 | 1 Microsoft | 2 Msde, Sql Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query. | |||||