Total
29755 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3304 | 1 Deluxebb | 1 Deluxebb | 2025-04-03 | N/A |
| SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier allows remote attackers to execute arbitrary SQL commands via the xmsn parameter. | ||||
| CVE-2006-3302 | 1 Cbsms | 1 Mambo Module | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS Mambo Module 1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosC_a_path parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | ||||
| CVE-2005-4407 | 1 Tmc Visionpool | 1 Mercury Cms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Mercury CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) content and (2) criteria parameters. | ||||
| CVE-2006-1004 | 1 Cactusoft | 1 Parodia | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in agencyprofile.asp in Parodia 6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the AG_ID parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-2263 | 1 Virtual Programming | 1 Vp-asp | 2025-04-03 | N/A |
| SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2003-0820 | 1 Microsoft | 2 Word, Works | 2025-04-03 | N/A |
| Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
| CVE-2002-1293 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote attackers to bypass the security checks that are performed by the load() method. | ||||
| CVE-2001-1465 | 1 Surfcontrol | 1 Superscout Web Filter | 2025-04-03 | N/A |
| SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both data elements. | ||||
| CVE-2002-1292 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | N/A |
| The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by modifying the (1) deniedDefinitionPackages or (2) deniedAccessPackages settings, causing a denial of service by adding Java applets to the list of applets that are prevented from running. | ||||
| CVE-2002-1288 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call. | ||||
| CVE-2003-0703 | 1 Kismac | 1 Kismac | 2025-04-03 | N/A |
| KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVER_KEXT environment variable as used in (1) viha_driver.sh, (2) macjack_load.sh, or (3) airojack_load.sh, or (4) via "similar techniques" using exchangeKernel.sh. | ||||
| CVE-2002-1286 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user. | ||||
| CVE-2002-1264 | 1 Oracle | 1 Oracle9i | 2025-04-03 | N/A |
| Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL. | ||||
| CVE-2006-0964 | 1 Ncp Network Communications | 1 Secure Client | 2025-04-03 | N/A |
| Client Firewall in NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to bypass firewall program execution rules by replacing an allowed program with an arbitrary program. | ||||
| CVE-2006-0956 | 1 Nufw | 1 Nufw Firewall | 2025-04-03 | N/A |
| nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server. | ||||
| CVE-2002-1580 | 1 Carnegie Mellon University | 1 Cyrus Imap Server | 2025-04-03 | N/A |
| Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347. | ||||
| CVE-2003-1266 | 1 Etype | 1 Eserv | 2025-04-03 | N/A |
| The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data. | ||||
| CVE-2003-1260 | 1 Globalscape | 1 Cuteftp | 2025-04-03 | N/A |
| Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command. | ||||
| CVE-2006-4138 | 1 Microsoft | 1 Help File Viewer | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in Microsoft Windows Help File viewer (winhlp32.exe) allow user-assisted attackers to execute arbitrary code via crafted HLP files. | ||||
| CVE-2002-1582 | 1 Mailreader.com | 1 Mailreader.com | 2025-04-03 | N/A |
| compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi. | ||||