Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2304 | 1 Microsoft | 2 Internet Explorer, Live Messenger | 2025-04-03 | N/A |
| Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) via an image with an ICC Profile with a large Tag Count. | ||||
| CVE-2005-2308 | 1 Microsoft | 1 Ie | 2025-04-03 | N/A |
| The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg. | ||||
| CVE-2000-1206 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. | ||||
| CVE-2005-4490 | 1 Commercial Interactive Media | 1 Scoop | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SCOOP! 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword and (2) invalid parameter to articleSearch.asp; (3) username and (4) invalid parameter to lostPassword.asp; (5) Username, (6) Password, and (7) invalid parameter to account_login.asp; (8) area, (9) articleZoneID, (10) r, and (11) invalid parameters to category.asp; and invalid parameters to (12) articleZone.asp, (13) prePurchaserRegistration.asp, and (14) requestDemo.asp. | ||||
| CVE-1999-0164 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. | ||||
| CVE-2001-0108 | 3 Mandrakesoft, Php, Redhat | 3 Mandrake Linux, Php, Linux | 2025-04-03 | N/A |
| PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested. | ||||
| CVE-1999-0168 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | ||||
| CVE-1999-0170 | 1 Digital | 1 Ultrix | 2025-04-03 | N/A |
| Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. | ||||
| CVE-1999-0180 | 2025-04-03 | N/A | ||
| in.rshd allows users to login with a NULL username and execute commands. | ||||
| CVE-1999-0191 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| IIS newdsn.exe CGI script allows remote users to overwrite files. | ||||
| CVE-2000-0777 | 1 Microsoft | 1 Money | 2025-04-03 | N/A |
| The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability. | ||||
| CVE-2005-4501 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | N/A |
| MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer. | ||||
| CVE-1999-0508 | 2025-04-03 | N/A | ||
| An account on a router, firewall, or other network device has a default, null, blank, or missing password. | ||||
| CVE-2000-1204 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root. | ||||
| CVE-2002-0699 | 1 Microsoft | 6 Windows 2000, Windows 98, Windows 98se and 3 more | 2025-04-03 | N/A |
| Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML. | ||||
| CVE-2002-0943 | 1 Metalinks | 1 Metacart2.sql | 2025-04-03 | N/A |
| MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb. | ||||
| CVE-2000-0825 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. | ||||
| CVE-2002-1078 | 1 Aprelium Technologies | 1 Abyss Web Server | 2025-04-03 | N/A |
| Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters. | ||||
| CVE-2002-1083 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via .. (dot dot) sequences. | ||||
| CVE-2006-4473 | 1 Joomla | 1 Joomla | 2025-04-03 | N/A |
| Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set, allows attackers to perform the emailform and emailsend tasks. | ||||