Total
29549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2571 | 1 Funkboard | 1 Funkboard | 2025-04-03 | 6.4 MEDIUM | N/A |
| FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php. | |||||
| CVE-2005-0074 | 1 Xpcd | 1 Xpcd | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code. | |||||
| CVE-2004-1478 | 2 Hitachi, Macromedia | 4 Cosminexus Enterprise, Cosminexus Server, Coldfusion and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session. | |||||
| CVE-2005-3801 | 1 Counterpane | 1 Passwordsafe | 2025-04-03 | 4.6 MEDIUM | N/A |
| CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) function, which reduces the search time in brute force attacks. | |||||
| CVE-2005-1584 | 1 Open Solution | 1 Quick.forum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers to inject arbitrary web script or HTML via the topic field in a NewTopic action. | |||||
| CVE-2002-0028 | 1 Mirabilis | 1 Icq | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows remote attackers to execute arbitrary code via a Voice Video & Games request. | |||||
| CVE-2005-1569 | 1 Directtopics | 1 Directtopics | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag. | |||||
| CVE-1999-1040 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable. | |||||
| CVE-2004-2248 | 1 Goosequill | 1 Remoteeditor | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact and attack vectors, related to "oversize submissions." | |||||
| CVE-2004-0998 | 1 Telnetd | 2 Telnetd, Telnetd-ssl | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-0327 | 1 Century Software | 1 Term | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program. | |||||
| CVE-2005-4514 | 1 Webwasher | 1 Csm Appliance Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| The encapsulation script mechanism in Webwasher CSM Appliance Suite 5.x uses case-sensitive detection of malicious tokens, which allows attackers to bypass script detection by using tokens that can be upper or lower case. NOTE: the vendor has stated that this problem could not be reproduced, and has asked the researcher for more information, without a response as of 20060103 | |||||
| CVE-2004-0307 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way handshake and sending an invalid response instead. | |||||
| CVE-2005-0262 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument. | |||||
| CVE-2005-4621 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which the URL generates a parsing error, and possibly requiring a trailing extension such as .jpg. | |||||
| CVE-2005-0651 | 1 Projectbb | 1 Projectbb | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to execute arbitrary SQL commands via (1) liste or (2) desc parameters to divers.php (incorrectly referred to as "drivers.php" by some sources), (3) the search feature text area, (4) post name in the post creation feature, (5) City, (6) Homepage, (7) ICQ, (8) AOL, (9) Yahoo!, (10) MSN, or (11) e-mail fields in the profile feature or (12) the new field in the moderator section. | |||||
| CVE-2004-2527 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 5.4 MEDIUM | N/A |
| The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running. | |||||
| CVE-2006-3737 | 1 Swsoft | 1 Plesk Control Panel | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the file parameter. | |||||
| CVE-2006-2693 | 1 Nivisec | 1 Hacks List | 2025-04-03 | 7.1 HIGH | N/A |
| Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter. | |||||
| CVE-2004-2456 | 1 Minibb | 1 Minibb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. | |||||