Total: 29549 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1062 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | 7.5 HIGH | N/A |
Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries. | |||||
CVE-2005-4061 | 1 Xcent | 1 Xcphotoblbum | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PASearch.asp in XcPhotoAlbum 1.x allows remote attackers to inject arbitrary web script or HTML via the search parameters. | |||||
CVE-2002-0954 | 1 Cisco | 1 Pix Firewall | 2025-04-03 | 7.5 HIGH | N/A |
The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which makes it easier for an attacker to decrypt the passwords using brute force techniques. | |||||
CVE-2002-1004 | 1 Argosoft | 1 Argosoft Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. | |||||
CVE-2005-2940 | 1 Microsoft | 1 Antispyware | 2025-04-03 | 7.2 HIGH | N/A |
Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 (Beta 1) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, involving the programs (1) GIANTAntiSpywareMain.exe, (2) gcASNotice.exe, (3) gcasServ.exe, (4) gcasSWUpdater.exe, or (5) GIANTAntiSpywareUpdater.exe. NOTE: it is not clear whether this overlaps CVE-2005-2935. | |||||
CVE-2000-0754 | 1 Hp | 1 Openview Network Node Manager | 2025-04-03 | 2.1 LOW | N/A |
Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords. | |||||
CVE-2005-3915 | 1 Clavister | 2 Clavister Firewall, Clavister Security Gateway | 2025-04-03 | 7.5 HIGH | N/A |
The Internet Key Exchange version 1 (IKEv1) implementation in Clavister Client Web allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
CVE-1999-0339 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. | |||||
CVE-2005-2235 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. | |||||
CVE-2004-0114 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. | |||||
CVE-1999-1157 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. | |||||
CVE-2003-0448 | 1 Aboleo.net | 1 Portmon | 2025-04-03 | 3.6 LOW | N/A |
Portmon 1.7 and possibly earlier versions allows local users to read and write arbitrary files via the (1) -c (host file) or (2) -l (log file) command line options. | |||||
CVE-2005-2474 | 1 Churchinfo | 1 Churchinfo | 2025-04-03 | 5.0 MEDIUM | N/A |
ChurchInfo allows remote attackers to obtain sensitive information via the PersonID parameter to (1) PersonView.php, (2) MemberRoleChange.php, (3) PropertyAssign.php, (4) WhyCameEditor.php, (5) GroupPropsEditor.php, (6) Reports/PDFLabel.php, or (7) UserDelete.php, an invalid Number parameter to (8) SelectList.php or (9) SelectDelete.php, GroupID parameter to (10) GroupView.php, (11) GroupMemberList.php, (12) MemberRoleChange.php, (13) GroupDelete.php, (14) /Reports/ClassAttendance.php, or (15) /Reports/GroupReport.php, (16) PropertyID parameter to PropertyEditor.php, FamilyID parameter to (17) Canvas05Editor.php, (18) CanvasEditor.php, or (19) FamilyView.php, or (20) PledgeID parameter to PledgeDetails.php, which reveal the path in an error message. | |||||
CVE-1999-0692 | 2 Cray, Sgi | 2 Unicos, Irix | 2025-04-03 | 10.0 HIGH | N/A |
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges. | |||||
CVE-2004-2318 | 1 Netwin | 1 Surgeftp | 2025-04-03 | 5.0 MEDIUM | N/A |
The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter. | |||||
CVE-1999-1307 | 1 Novell | 1 Unixware | 2025-04-03 | 7.2 HIGH | N/A |
Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges. | |||||
CVE-1999-0582 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc. | |||||
CVE-2005-3392 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives. | |||||
CVE-2004-0926 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2025-04-03 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image. | |||||
CVE-2005-0927 | 1 Web-app.org | 1 Webapp | 2025-04-03 | 10.0 HIGH | N/A |
Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences. |