Total
29548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1080 | 1 Game-panel | 1 Game-panel | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter, possibly requiring a URL encoded value. | |||||
| CVE-2004-2359 | 1 Dell | 1 Truemobile 1300 Wlan Mini-pci Card Util Trayapplet | 2025-04-03 | 10.0 HIGH | N/A |
| Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality. | |||||
| CVE-2005-2318 | 1 Dvbbs | 1 Dvbbs | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 SP2 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2006-3284 | 1 Datetopia | 1 Dating Agent Pro | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter in (1) webmaster/index.php and (2) search.php. | |||||
| CVE-2001-1465 | 1 Surfcontrol | 1 Superscout Web Filter | 2025-04-03 | 4.6 MEDIUM | N/A |
| SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both data elements. | |||||
| CVE-1999-1154 | 1 Lakeweb | 1 Filemail Cgi Script | 2025-04-03 | 7.5 HIGH | N/A |
| LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
| CVE-2005-0983 | 4 Activision, Id Software, Lucasarts and 1 more | 10 Call Of Duty, Call Of Duty United Offensive, Return To Castle Wolfenstein and 7 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data. | |||||
| CVE-1999-1550 | 1 F5 | 1 Tmos | 2025-04-03 | 5.0 MEDIUM | N/A |
| bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter. | |||||
| CVE-2004-0424 | 3 Linux, Sgi, Slackware | 3 Linux Kernel, Propack, Slackware Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | |||||
| CVE-2002-1580 | 1 Carnegie Mellon University | 1 Cyrus Imap Server | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347. | |||||
| CVE-2006-2263 | 1 Virtual Programming | 1 Vp-asp | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2005-0526 | 1 Pblang | 1 Pblang | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 allow remote attackers to inject arbitrary web script or HTML via (1) the search string to search.php, (2) the subject of a PM, which is processed by pm.php, or (3) the body of a PM, which is processed by pmpshow.php. | |||||
| CVE-2005-2775 | 1 Phpwebnotes | 1 Phpwebnotes | 2025-04-03 | 7.5 HIGH | N/A |
| php_api.php in phpWebNotes 2.0.0 uses the extract function to modify key variables such as $t_path_core, which leads to a PHP file inclusion vulnerability that allows remote attackers to execute arbitrary PHP code via the t_path_core parameter. | |||||
| CVE-2006-4953 | 1 Neosys | 1 Neon Webmail | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers to execute arbitrary SQL commands via the (1) adr_sortkey and (2) adr_sortkey_desc parameters in the (a) addrlist servlet, and the (3) sortkey and (4) sortkey_desc parameters in the (b) maillist servlet. | |||||
| CVE-2000-0811 | 1 Cgi Script Center | 1 Auction Weaver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | |||||
| CVE-1999-1038 | 1 Tamu | 1 Tiger | 2025-04-03 | 7.2 HIGH | N/A |
| Tiger 2.2.3 allows local users to overwrite arbitrary files via a symlink attack on various temporary files in Tiger's default working directory, as defined by the WORKDIR variable. | |||||
| CVE-2006-2035 | 1 Websense | 1 Websense | 2025-04-03 | 3.7 LOW | N/A |
| Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. | |||||
| CVE-2003-0154 | 1 Mozilla | 1 Bonsai | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244. | |||||
| CVE-2000-0521 | 1 Michael Lamont | 1 Savant Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Savant web server allows remote attackers to read source code of CGI scripts via a GET request that does not include the HTTP version number. | |||||
| CVE-2005-4271 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code. | |||||