Total
29553 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2178 | 1 Devoybb | 1 Devoybb Web Forum | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-1999-0248 | 1 Ssh | 1 Ssh | 2025-04-03 | 10.0 HIGH | N/A |
| A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials. | |||||
| CVE-2000-0199 | 1 Microsoft | 1 Sql Server | 2025-04-03 | 7.2 HIGH | N/A |
| When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | |||||
| CVE-2006-2931 | 1 Hotwebscripts | 1 Cms Mundo | 2025-04-03 | 5.1 MEDIUM | N/A |
| CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files. | |||||
| CVE-2003-0909 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | 7.2 HIGH | N/A |
| Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability." | |||||
| CVE-2004-2366 | 1 Globalscape | 1 Secure Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument. | |||||
| CVE-2004-2566 | 1 Liveworld | 4 Livechat, Livefocusgroup, Liveforum and 1 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld products, possibly including (1) LiveForum, (2) LiveQ&A, (3) LiveChat, and (4) LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in (a) search.jsp, (b) findclub!execute.jspa, and (c) search!execute.jspa. | |||||
| CVE-1999-0618 | 2025-04-03 | 10.0 HIGH | N/A | ||
| The rexec service is running. | |||||
| CVE-2005-1100 | 1 Salim Gasmi | 1 Gld | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog. | |||||
| CVE-2005-0329 | 1 Zipgenius | 1 Zipgenius | 2025-04-03 | 2.6 LOW | N/A |
| Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and possibly modify arbitrary files via a ZIP file with a file whose name includes .. (dot dot) sequences. | |||||
| CVE-2004-1055 | 2 Gentoo, Phpmyadmin | 2 Linux, Phpmyadmin | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser. | |||||
| CVE-2002-2267 | 1 Bogofilter | 1 Bogopass Email Filter | 2025-04-03 | 7.2 HIGH | N/A |
| bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack on the bogopass temporary file. | |||||
| CVE-2001-0113 | 1 Omnicron | 1 Omnihttpd | 2025-04-03 | 10.0 HIGH | N/A |
| statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script. | |||||
| CVE-2005-1077 | 1 Xampp | 1 Apache Distribution | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php. | |||||
| CVE-2005-2153 | 1 Osticket | 1 Osticket Sts | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable. | |||||
| CVE-2006-3930 | 1 Mamboxchange | 1 A6mambohelpdesk | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | |||||
| CVE-2000-0713 | 1 Adobe | 3 Acrobat, Acrobat Business Tools, Acrobat Reader | 2025-04-03 | 7.6 HIGH | N/A |
| Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier. | |||||
| CVE-2006-2761 | 1 Hitachi | 1 Hitsenser3 | 2025-04-03 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in Hitachi HITSENSER3 HITSENSER3/PRP, HITSENSER3/PUP, HITSENSER3/STP, and HITSENSER3/EUP allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | |||||
| CVE-2005-0965 | 1 Rob Flynn | 1 Gaim | 2025-04-03 | 5.0 MEDIUM | N/A |
| The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read. | |||||
| CVE-2003-0621 | 1 Bea | 2 Tuxedo, Weblogic Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument. | |||||