Total
29548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0085 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands. | |||||
| CVE-2002-2103 | 1 Apache | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities. | |||||
| CVE-2000-0806 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 5.0 MEDIUM | N/A |
| The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass." | |||||
| CVE-2003-0404 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template. | |||||
| CVE-2004-0155 | 1 Kame | 1 Racoon | 2025-04-03 | 7.5 HIGH | N/A |
| The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate. | |||||
| CVE-2005-3540 | 1 Petris | 1 Petris | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in petris before 1.0.1 allows remote attackers to execute arbitrary code via unspecified attack vectors. | |||||
| CVE-2001-1109 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands. | |||||
| CVE-2006-4787 | 1 Alphamail | 1 Alphamail | 2025-04-03 | 2.1 LOW | N/A |
| AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained from third party information. | |||||
| CVE-2005-1809 | 1 Sony | 2 P900, P900 Firmware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sony Ericsson P900 Beamer allows remote attackers to cause a denial of service (panic) via an obexftp session with a long filename in an OBEX File Transfer or OBEX Object Push. | |||||
| CVE-2002-0110 | 1 Nevrona Designs | 1 Miramail | 2025-04-03 | 2.1 LOW | N/A |
| Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file. | |||||
| CVE-2004-1340 | 1 Debian | 1 Debian Linux | 2025-04-03 | 2.1 LOW | N/A |
| Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information. | |||||
| CVE-2005-3537 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.0 MEDIUM | N/A |
| A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs. | |||||
| CVE-2006-1041 | 1 Gregarius | 1 Gregarius | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php. | |||||
| CVE-2003-1143 | 1 Croteam | 1 Serioussam | 2025-04-03 | 7.5 HIGH | N/A |
| Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service (crash or freeze) via a TCP packet with an invalid first parameter. | |||||
| CVE-2005-0010 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory. | |||||
| CVE-2003-0056 | 1 Slocate | 1 Slocate | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument. | |||||
| CVE-2002-0919 | 1 Cgiscript.net | 1 Cspassword | 2025-04-03 | 7.5 HIGH | N/A |
| CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page. | |||||
| CVE-2002-1051 | 1 Ehud Gavron | 1 Tracesroute | 2025-04-03 | 4.6 MEDIUM | N/A |
| Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument. | |||||
| CVE-2001-0966 | 1 Nudester.org | 1 Nudester | 2025-04-03 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command. | |||||
| CVE-2005-4293 | 1 Kryptronic | 1 Clickcartpro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter. | |||||