Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0771 | 1 Compaq | 2 Insight Management Agent, Power Management | 2025-04-03 | N/A |
| The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2000-0359 | 1 Acme Labs | 1 Thttpd | 2025-04-03 | N/A |
| Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header. | ||||
| CVE-2000-0469 | 1 Selena Sol | 1 Webbanner | 2025-04-03 | N/A |
| Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2000-1234 | 1 Phorum | 1 Phorum | 2025-04-03 | N/A |
| violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters. | ||||
| CVE-2001-0133 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | N/A |
| The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords. | ||||
| CVE-2001-0761 | 1 Trend Micro | 1 Interscan Webmanager | 2025-04-03 | N/A |
| Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1.2 allows remote attackers to execute arbitrary code via a long value to a certain parameter. | ||||
| CVE-1999-1332 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. | ||||
| CVE-2002-0509 | 1 Oracle | 1 Oracle9i | 2025-04-03 | N/A |
| Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521. | ||||
| CVE-2002-1473 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2002-2139 | 1 Cisco | 1 Pix Firewall Software | 2025-04-03 | N/A |
| Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack. | ||||
| CVE-2003-0755 | 1 Gtkftpd | 1 Gtkftp | 2025-04-03 | N/A |
| Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command. | ||||
| CVE-2005-1008 | 1 Asp-dev | 1 Xm Forum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag. | ||||
| CVE-2005-2021 | 1 Cpanel | 1 Cpanel | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page. | ||||
| CVE-2005-3034 | 1 Compuware | 1 Driverstudio | 2025-04-03 | N/A |
| Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session. | ||||
| CVE-2005-4337 | 1 Blackboard | 1 Academic Suite | 2025-04-03 | N/A |
| The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter. | ||||
| CVE-2006-0349 | 1 Epic Designs | 1 Eggblog | 2025-04-03 | N/A |
| SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php. | ||||
| CVE-2006-1792 | 1 Mailenable | 3 Mailenable Enterprise, Mailenable Professional, Mailenable Standard | 2025-04-03 | N/A |
| Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected versions, and probably a different vulnerability than CVE-2006-1337. | ||||
| CVE-2006-2841 | 1 Associated | 1 Associated Cms | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ACID) CMS 1.1.3 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) menu.php, (2) profile.php, (3) users.php, (4) cache_mngt.php, and (5) gallery_functions.php. | ||||
| CVE-2006-3259 | 1 E107 | 1 E107 | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment). | ||||
| CVE-2006-4958 | 1 Sun | 1 Secure Global Desktop | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available. | ||||