Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3550 | 1 Toenda Software Development | 1 Toendacms | 2025-04-03 | N/A |
| Directory traversal vulnerability in admin.php in toendaCMS before 0.6.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the id_user parameter. | ||||
| CVE-2002-0748 | 1 National Instruments | 1 Labview | 2025-04-03 | N/A |
| LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations. | ||||
| CVE-2002-0750 | 1 Cgiscript.net | 1 Csmailto | 2025-04-03 | N/A |
| CGIscript.net csMailto.cgi program allows remote attackers to read arbitrary files by specifying the target filename in the form-attachment field. | ||||
| CVE-2004-1763 | 1 Haht Commerce | 1 Hahtsite Scenario Server | 2025-04-03 | N/A |
| Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name. | ||||
| CVE-2002-0753 | 1 Talentsoft | 1 Web\+ Server | 2025-04-03 | N/A |
| Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie. | ||||
| CVE-2002-0756 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies. | ||||
| CVE-2005-3200 | 1 Utopia Software | 1 Utopia News Pro | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro (UNP) 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the sitetitle parameter in header.php and (2) the version and (3) query_count parameters in footer.php. | ||||
| CVE-2004-1796 | 1 Hotnews | 1 Hotnews | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3. | ||||
| CVE-2004-1814 | 1 Vocaltec | 1 Vgw4 8 Telephony Gateway | 2025-04-03 | N/A |
| Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 allows remote attackers to read protected files via .. (dot dot) sequences in an HTTP request, as demonstrated using home.asp. | ||||
| CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | ||||
| CVE-2002-0807 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2025-04-03 | N/A |
| Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi. | ||||
| CVE-2002-0817 | 1 William Deich | 1 Super | 2025-04-03 | N/A |
| Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2004-1833 | 1 Borland Software | 1 Interbase | 2025-04-03 | N/A |
| The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | ||||
| CVE-2003-0814 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability. | ||||
| CVE-2002-0883 | 1 Compaq | 1 Proliant Bl E-class Integrated Administrator Firmware | 2025-04-03 | N/A |
| Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities. | ||||
| CVE-2004-2476 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source. | ||||
| CVE-2006-4353 | 1 Sun | 1 Java System Content Delivery Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors. | ||||
| CVE-2002-0905 | 1 Ibm | 1 Informix | 2025-04-03 | N/A |
| Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable. | ||||
| CVE-1999-1139 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | ||||
| CVE-1999-1407 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | ||||