Total
29553 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0359 | 1 Stichting Mathematisch Centrum | 1 Nethack | 2025-04-03 | 4.6 MEDIUM | N/A |
| nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code. | |||||
| CVE-2000-0102 | 1 Salescart | 1 Salescart | 2025-04-03 | 7.5 HIGH | N/A |
| The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2001-1510 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL. | |||||
| CVE-2005-4580 | 1 Day | 1 Communique | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Day Communique 4 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search. | |||||
| CVE-2006-1348 | 1 Greg Neustaetter | 1 Gcards | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346. | |||||
| CVE-2006-1489 | 1 Fusionzone | 1 Couponzone | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters. | |||||
| CVE-1999-0435 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. | |||||
| CVE-2000-0104 | 1 Web Express | 1 Shoptron | 2025-04-03 | 7.5 HIGH | N/A |
| The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2006-2554 | 1 Genecys | 1 Genecys | 2025-04-03 | 6.4 MEDIUM | N/A |
| Buffer overflow in the tell_player_surr_changes function in Genecys 0.2 and earlier might allow remote attackers to execute arbitrary code via long arguments. | |||||
| CVE-2001-0283 | 1 Sun | 1 Sun Ftp | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT. | |||||
| CVE-2005-0607 | 1 Devellion | 1 Cubecart | 2025-04-03 | 5.0 MEDIUM | N/A |
| CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheader.inc.php, (8) cat_navi.php, or (9) check_sum.php, which reveals the path in a PHP error message. | |||||
| CVE-2002-0263 | 1 Ezne.net | 1 Ezboard 2000 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. | |||||
| CVE-2000-0211 | 1 Microsoft | 1 Windows Media Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the "Misordered Windows Media Services Handshake" vulnerability. | |||||
| CVE-2005-4452 | 1 Information Call Center | 1 Information Call Center | 2025-04-03 | 5.0 MEDIUM | N/A |
| Information Call Center stores the CallCenterData.mdb database under the web root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords. | |||||
| CVE-2005-3279 | 1 Jan Kybic | 1 Bitmap Viewer | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when compiled with the M_UNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option. | |||||
| CVE-1999-1548 | 1 Cabletron | 1 Smartswitch Router 8000 Firmware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit. | |||||
| CVE-2005-3209 | 1 Aenovo | 3 Aenovo, Aenovoshop, Aenovowysi | 2025-04-03 | 4.6 MEDIUM | N/A |
| Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges. | |||||
| CVE-2002-1694 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running. | |||||
| CVE-2002-0346 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi. | |||||
| CVE-2006-2547 | 1 Sap | 1 Sapdba | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling. | |||||