Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0528 | 2025-04-03 | N/A | ||
| A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of. | ||||
| CVE-2000-0966 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges. | ||||
| CVE-1999-0560 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| A system-critical Windows NT file or directory has inappropriate permissions. | ||||
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | ||||
| CVE-1999-0591 | 2025-04-03 | N/A | ||
| An event log in Windows NT has inappropriate access permissions. | ||||
| CVE-1999-0594 | 2025-04-03 | N/A | ||
| A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive. | ||||
| CVE-2004-0908 | 2 Mozilla, Redhat | 3 Mozilla, Thunderbird, Enterprise Linux | 2025-04-03 | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins. | ||||
| CVE-2005-4619 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method. | ||||
| CVE-2004-0914 | 6 Gentoo, Lesstif, Redhat and 3 more | 8 Linux, Lesstif, Enterprise Linux and 5 more | 2025-04-03 | N/A |
| Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions. | ||||
| CVE-2004-0976 | 2 Larry Wall, Redhat | 2 Perl, Enterprise Linux | 2025-04-03 | N/A |
| Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-1999-0601 | 2025-04-03 | N/A | ||
| A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets. | ||||
| CVE-2004-2673 | 1 Argosoft | 1 Ftp Server | 2025-04-03 | N/A |
| Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument. | ||||
| CVE-2005-2777 | 1 Looking Glass | 1 Looking Glass | 2025-04-03 | N/A |
| Looking Glass 20040427 allows remote attackers to execute arbitrary commands via shell metacharacters in the DNS lookup query field. | ||||
| CVE-2006-1008 | 1 Nathan Landry | 1 N8cms Sitesuite Cms | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) dir and (2) page_id parameter to (a) index.php and (3) userid parameter to (b) mailto.php. NOTE: it is possible that issues 1 and 2 are resultant from SQL injection. | ||||
| CVE-2006-1020 | 1 Johnny Vegas | 1 Vegas Forum | 2025-04-03 | N/A |
| SQL injection vulnerability in forumlib.php in Johnny_Vegas Vegas Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter. | ||||
| CVE-2006-1967 | 1 Kcscripts | 2 Kcscripts Calendar, Portal Pack | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in KCScripts Calendar, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the sort_order parameter. | ||||
| CVE-2006-2566 | 1 Alstrasoft | 1 Article Manager Pro | 2025-04-03 | N/A |
| Alstrasoft Article Manager Pro 1.6 allows remote attackers to obtain sensitive information via (1) a quote character or possibly an invalid value in the action parameter in a request to mrarticles.php or (2) a login QUERY_STRING to admin.php without any additional parameters, which reveal the path in various error messages. | ||||
| CVE-2006-3000 | 1 Okscripts | 1 Okarticles | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkArticles 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-1999-0611 | 2025-04-03 | N/A | ||
| A system-critical Windows NT registry key has an inappropriate value. | ||||
| CVE-2006-3004 | 1 Scriptsez | 1 Ez Ringtone Manager | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search. | ||||