Total
29737 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1502 | 1 Dave Brul | 1 Xbreaky | 2025-04-03 | N/A |
| Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file. | ||||
| CVE-2001-1380 | 2 Openbsd, Redhat | 2 Openssh, Linux | 2025-04-03 | N/A |
| OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses. | ||||
| CVE-2005-3751 | 1 Apsis | 1 Pound | 2025-04-03 | N/A |
| HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers. | ||||
| CVE-2006-1710 | 1 Design Nation | 1 Dnguestbook | 2025-04-03 | N/A |
| SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters. | ||||
| CVE-2000-0396 | 1 Pacific Software | 1 Carello | 2025-04-03 | N/A |
| The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files. | ||||
| CVE-2001-1400 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock). | ||||
| CVE-2005-0813 | 1 Initial Redirect | 1 Initial Redirect Squid Proxy Plug-in | 2025-04-03 | N/A |
| Buffer overflow in Initial Redirect (ir) Squid Proxy Plug-In 0.1 and 0.2 may allow attackers to cause a denial of service and execute arbitrary code via unknown vectors. | ||||
| CVE-2002-1508 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2025-04-03 | N/A |
| slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. | ||||
| CVE-2000-0406 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
| Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. | ||||
| CVE-2001-0148 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | N/A |
| The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2001-1231 | 1 Novell | 1 Groupwise | 2025-04-03 | N/A |
| GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix. | ||||
| CVE-2005-3909 | 1 Post Affiliate Pro | 1 Post Affiliate Pro | 2025-04-03 | N/A |
| SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the sortorder parameter. | ||||
| CVE-2006-3238 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php, and the (2) QuranID parameter to lng.php. | ||||
| CVE-2000-0419 | 1 Microsoft | 10 Access, Excel, Frontpage and 7 more | 2025-04-03 | N/A |
| The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. | ||||
| CVE-2006-3267 | 1 Infinite Core Technologies | 1 Ict | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in Infinite Core Technologies (ICT) 1.0 Gold and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. | ||||
| CVE-2001-1425 | 1 Alcatel | 1 Speed Touch Home | 2025-04-03 | N/A |
| The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login. | ||||
| CVE-2000-0435 | 1 Matthew Redman | 1 Allmanage | 2025-04-03 | N/A |
| The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages. | ||||
| CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2025-04-03 | N/A |
| rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | ||||
| CVE-2002-1541 | 1 Working Resources Inc. | 1 Badblue | 2025-04-03 | N/A |
| BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash). | ||||
| CVE-2003-0032 | 1 Mcrypt | 1 Libmcrypt | 2025-04-03 | N/A |
| Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool. | ||||