Total
29539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1806 | 1 Peercast | 1 Peercast | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL. | |||||
| CVE-2006-1239 | 1 Countersoft | 1 Gemini | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attackers to inject arbitrary web script or HTML via the rtcDescription$RadEditor1 field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2002-1005 | 1 Argosoft | 1 Argosoft Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infinite loop. | |||||
| CVE-2001-0450 | 1 Transsoft | 1 Broker Ftp Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name. | |||||
| CVE-2002-1008 | 1 Summit Computer Networks | 1 Lil Http Server | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request. | |||||
| CVE-2005-3015 | 1 Ibm | 2 Lotus Domino, Lotus Domino Enterprise Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters. | |||||
| CVE-2005-0487 | 1 Kayako | 1 Esupport | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other versions, allows remote attackers to inject arbitrary HTML and web script via the nav parameter. | |||||
| CVE-2005-0876 | 1 Dnsmasq | 1 Dnsmasq | 2025-04-03 | 5.0 MEDIUM | N/A |
| Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file. | |||||
| CVE-2002-1424 | 1 John G. Myers | 1 Mpack | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2005-4503 | 1 Net-square | 1 Httprint | 2025-04-03 | 5.0 MEDIUM | N/A |
| httprint v202, and possibly other versions before v301, allows remote attackers to cause a denial of service (crash) via a long Server field in an HTTP response. | |||||
| CVE-2006-0570 | 1 Hinton Design | 1 Phpstatus | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magic_quotes is disabled, allow remote attackers to execute arbitrary SQL commands and bypass authentication via (1) the username parameter in check.php and (2) unknown attack vectors in the administrative interface. | |||||
| CVE-1999-0184 | 1 Isc | 1 Bind | 2025-04-03 | 6.4 MEDIUM | N/A |
| When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. | |||||
| CVE-2005-1498 | 1 Mywebland | 1 Mybloggie | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) year parameter in viewmode.php, or the (2) cat_id, (3) month_no, or (4) post_id parameter in index.php, which are not properly sanitized before they are displayed in an error message. NOTE: issues 2, 3, and 4 may be due to a problem in associated products rather than myBloggie itself. | |||||
| CVE-2003-0042 | 1 Apache | 1 Tomcat | 2025-04-03 | 5.0 MEDIUM | N/A |
| Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character. | |||||
| CVE-2005-4551 | 1 Simpbook | 1 Simpbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in sign.php in codegrrl SimpBook 1.0, when html_enable is on, allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php. | |||||
| CVE-2001-0018 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Windows 2000 domain controller in Windows 2000 Server, Advanced Server, or Datacenter Server allows remote attackers to cause a denial of service via a flood of malformed service requests. | |||||
| CVE-2004-1979 | 1 Props | 1 Props | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6.1 allows remote attackers to inject arbitrary HTML or web script via the search_string parameter. | |||||
| CVE-2004-2554 | 1 Novell | 1 Client Firewall | 2025-04-03 | 7.2 HIGH | N/A |
| Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. | |||||
| CVE-2005-0115 | 1 Datarescue | 1 Ida | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in DataRescue Interactive Disassembler (IDA) Pro 4.7 allows attackers to execute arbitrary code via a PE file with an Import Address Table containing a long import library name. | |||||
| CVE-2004-2254 | 1 Netwin | 1 Surgeldap | 2025-04-03 | 7.5 HIGH | N/A |
| SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter. | |||||