Total
29763 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2145 | 1 Pd9 Software | 1 Megabbs | 2025-04-03 | N/A |
| SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows remote attackers to execute arbitrary SQL commands via the (1) sortdir or (2) criteria parameter to ladder-log.asp or the (3) memberid or (4) teamid parameter to view-profile.asp. | ||||
| CVE-2004-2167 | 1 Latex2rtf | 1 Latex2rtf | 2025-04-03 | N/A |
| Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand. | ||||
| CVE-2006-3161 | 1 Saphp | 1 Saphplesson | 2025-04-03 | N/A |
| SQL injection vulnerability in misc.php in SaphpLesson 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the action parameter. | ||||
| CVE-2004-2168 | 1 Baardsen Software | 1 Basomail Server | 2025-04-03 | N/A |
| BaSoMail 1.24 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections to TCP port (1) 25 (SMTP) or (2) 110 (POP3). | ||||
| CVE-2004-2170 | 1 Niti Telecom | 1 Caravan Business Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter. | ||||
| CVE-2004-2188 | 1 Dmxready | 1 Dmxready Site Chassis Manager | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2004-0013 | 1 Jabber Software Foundation | 1 Jabber Server | 2025-04-03 | N/A |
| jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2004-2198 | 1 Duware | 1 Duclassmate | 2025-04-03 | N/A |
| account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page. | ||||
| CVE-1999-0869 | 2 Microsoft, Netscape | 2 Internet Explorer, Navigator | 2025-04-03 | N/A |
| Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. | ||||
| CVE-2000-0916 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections. | ||||
| CVE-2006-3308 | 1 Zoid Technologies | 1 Project Eros Bbsengine | 2025-04-03 | N/A |
| Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS). | ||||
| CVE-2000-1236 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. | ||||
| CVE-2006-3177 | 1 Bible Portal Project | 1 Bible Portal Project | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in Admin/rtf_parser.php in The Bible Portal Project 2.12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the destination parameter. | ||||
| CVE-2002-2103 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities. | ||||
| CVE-2006-3309 | 1 Internet Scout Project | 1 Scout Portal Toolkit | 2025-04-03 | N/A |
| SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal Toolkit (SPT) 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | ||||
| CVE-2004-2204 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | N/A |
| Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT. | ||||
| CVE-2004-0040 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2025-04-03 | N/A |
| Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. | ||||
| CVE-2004-0049 | 1 Realnetworks | 2 Helix Universal Mobile Server, Helix Universal Server | 2025-04-03 | N/A |
| Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. | ||||
| CVE-2004-2217 | 1 Ychat | 1 Ychat | 2025-04-03 | N/A |
| Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | ||||
| CVE-2004-2219 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. | ||||