Total
29548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0921 | 1 Microsoft | 1 Outlook Connector | 2025-04-03 | 4.6 MEDIUM | N/A |
| Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy. | |||||
| CVE-2002-0376 | 1 Apple | 1 Quicktime | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field. | |||||
| CVE-2004-2017 | 1 Turbotraffictrader | 1 Turbotraffictrader C | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request to ttt-in, (3) the Referer header in a GET request to ttt-in, or the (4) site name or (5) site URL fields in the main control panel. | |||||
| CVE-2004-2127 | 1 Leif M. Wright | 1 Web Blog | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable. | |||||
| CVE-2005-3067 | 1 Scriptsolutions | 1 Perldiver | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in perldiver.cgi in PerlDiver 2.x allows remote attackers to inject arbitrary web script or HTML via the module parameter. | |||||
| CVE-2004-0976 | 1 Larry Wall | 1 Perl | 2025-04-03 | 2.1 LOW | N/A |
| Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-2006-4347 | 1 Jiran | 2 Cool Manager, Cool Messenger Office School Server | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in user logon authentication request handling in Cool_CoolD.exe in Cool Manager 5.0 (5,60,90,28) and Cool Messenger Office/School Server 5.5 (5,65,12,13) allows remote attackers to execute arbitrary SQL commands via the username field. | |||||
| CVE-2006-2120 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 2.1 LOW | N/A |
| The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read. | |||||
| CVE-2002-0133 | 1 Avirt | 3 Avirt Gateway, Avirt Gateway Suite, Avirt Soho | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy. | |||||
| CVE-2005-0137 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Linux kernel 2.6 on Itanium (ia64) architectures allows local users to cause a denial of service via a "missing Itanium syscall table entry." | |||||
| CVE-2004-1292 | 1 Michael Kohn | 1 Ringtonetools | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the parse_emelody function in parse_emelody.c for ringtonetools 2.22 allows remote attackers to execute arbitrary code via a crafted eMelody file. | |||||
| CVE-2000-0526 | 1 3r Soft | 1 Mailstudio 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2005-1855 | 2 Debian, Sukria | 2 Debian Linux, Backup Manager | 2025-04-03 | 2.1 LOW | N/A |
| Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information. | |||||
| CVE-2001-1502 | 1 Mountain Network Systems | 1 Webcart | 2025-04-03 | 7.5 HIGH | N/A |
| webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter. | |||||
| CVE-2005-2267 | 1 Mozilla | 1 Firefox | 2025-04-03 | 7.5 HIGH | N/A |
| Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL. | |||||
| CVE-2005-3359 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules. | |||||
| CVE-2006-0105 | 1 Postgresql | 1 Postgresql | 2025-04-03 | 5.0 MEDIUM | N/A |
| PostgreSQL 8.0.x before 8.0.6 and 8.1.x before 8.1.2, when running on Windows, allows remote attackers to cause a denial of service (postmaster exit and no new connections) via a large number of simultaneous connection requests. | |||||
| CVE-2005-0812 | 1 Notify Technology | 1 Notifylink | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, which could allow remote attackers or local users to obtain sensitive information. | |||||
| CVE-2003-1306 | 1 Microsoft | 1 Urlscan | 2025-04-03 | 2.6 LOW | N/A |
| Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response. | |||||
| CVE-2005-0836 | 1 Sun | 1 J2se | 2025-04-03 | 10.0 HIGH | N/A |
| Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. | |||||