Total: 29099 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-17890 | 1 Nuuo | 1 Nuuo Cms | 2024-09-17 | 9.8 Critical |
In NUUO CMS, all versions 3.1 and prior, the application uses insecure and outdated software components for functionality, which could allow arbitrary code execution. | ||||
CVE-2012-1194 | 1 Microsoft | 1 Windows Server 2008 | 2024-09-17 | N/A |
The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. | ||||
CVE-2002-2028 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2024-09-17 | N/A |
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing. | ||||
CVE-2002-2103 | 1 Apache | 1 Http Server | 2024-09-17 | N/A |
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities. | ||||
CVE-2002-2186 | 1 Macromedia | 1 Jrun | 2024-09-17 | N/A |
Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL. | ||||
CVE-2006-4995 | 1 Joomla | 1 Bsq Sitestats | 2024-09-17 | N/A |
PHP remote file inclusion vulnerability in BSQ Sitestats (bsq_sitestats) before 2.1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
CVE-2006-6166 | 1 Ryan Demmer | 1 Joomla Content Editor | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.0.4 for Joomla! (com_jce), without the 20060821 jce_patch, allows remote attackers to inject arbitrary web script or HTML via the mosConfig_live_site parameter. | ||||
CVE-2002-2188 | 1 Openbsd | 1 Openbsd | 2024-09-17 | N/A |
OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error. | ||||
CVE-2005-1607 | 1 Remote Cart | 1 Remote Cart | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in shop.cgi in Remote Cart allows remote attackers to inject arbitrary web script or HTML via the (1) merchant or (2) demo parameters. | ||||
CVE-2003-0705 | 1 Nicolas Boullis | 1 Mah-jong | 2024-09-17 | N/A |
Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code. | ||||
CVE-2002-1839 | 1 Trend Micro | 1 Interscan Viruswall For Windows Nt | 2024-09-17 | N/A |
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message. | ||||
CVE-2005-1395 | 1 Swlink | 1 Ce Ceterm | 2024-09-17 | N/A |
Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may allow local users to gain privileges via a long (1) XAPPLRESLANGPATH or (2) XAPPLRESDIR environment variable, or (3) command line argument. | ||||
CVE-2002-2109 | 1 Matt Wright | 1 Formmail | 2024-09-17 | N/A |
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer. | ||||
CVE-2002-1860 | 1 Pramati | 1 Pramati Server | 2024-09-17 | N/A |
Pramati Server 3.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | ||||
CVE-2005-2223 | 1 Mailenable | 2 Mailenable Professional, Mailenable Standard | 2024-09-17 | N/A |
Unknown vulnerability in the SMTP service in MailEnable Standard before 1.9 and Professional before 1.6 allows remote attackers to cause a denial of service (crash) during authentication. | ||||
CVE-2005-2807 | 1 Frox | 1 Frox | 2024-09-17 | N/A |
frox 0.7.18, when running setuid root, does not properly drop privileges when reading a configuration file, which allows local users to read portions of arbitrary files via the -f command line option. | ||||
CVE-2001-1551 | 1 Linux | 1 Linux Kernel | 2024-09-17 | N/A |
Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs. | ||||
CVE-2004-2207 | 1 Ideal Science | 1 Idealbb | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
CVE-2001-1557 | 1 Ibm | 1 Aix | 2024-09-17 | N/A |
Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges. | ||||
CVE-2002-2139 | 1 Cisco | 1 Pix Firewall Software | 2024-09-17 | N/A |
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack. |