Total: 29099 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-33604 | 1 Vaadin | 2 Flow-server, Vaadin | 2024-09-17 | 2.5 Low |
URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows local user to execute arbitrary JavaScript code by opening crafted URL in browser. | ||||
CVE-2002-1823 | 1 Lonerunner | 1 Zeroo Http Server | 2024-09-17 | N/A |
Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to execute arbitrary code via a long HTTP request. | ||||
CVE-2005-4028 | 1 Amember | 1 Amember | 2024-09-17 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the (1) lamember_login parameter to sendpass.php and (2) login parameter to member.php. | ||||
CVE-2019-8275 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine/p2p, Sinumerik Pcu Base Win10 Software/ipc, Sinumerik Pcu Base Win7 Software/ipc and 1 more | 2024-09-17 | 9.8 Critical |
UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212. | ||||
CVE-2006-7220 | 1 Sap | 2 Saplpd, Sapsprint | 2024-09-17 | N/A |
Unspecified vulnerability in SAP SAPLPD and SAPSPRINT allows remote attackers to cause a denial of service (application crash) via a certain print job request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2002-1888 | 1 Commonname | 1 Commonname Toolbar | 2024-09-17 | N/A |
CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names. | ||||
CVE-2003-0942 | 1 Sap | 1 Sap Db | 2024-09-17 | N/A |
Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa. | ||||
CVE-2012-4756 | 1 Cyberlink | 1 Labelprint | 2024-09-17 | N/A |
Multiple untrusted search path vulnerabilities in CyberLink LabelPrint 2.5.3602 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .lpp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2007-3025 | 2 Clam Anti-virus, Sun | 2 Clamav, Solaris | 2024-09-17 | N/A |
Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service (hang) via unknown vectors related to the isURL function and regular expressions. | ||||
CVE-2020-28503 | 1 Gulpjs | 1 Copy-props | 2024-09-17 | 7.3 High |
The package copy-props before 2.0.5 is vulnerable to Prototype Pollution via the main functionality. | ||||
CVE-2022-38974 | 1 Wpml | 1 Wpml | 2024-09-17 | 4.3 Medium |
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs. | ||||
CVE-2022-22562 | 1 Dell | 1 Emc Powerscale Onefs | 2024-09-17 | 7.5 High |
Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain an improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability. | ||||
CVE-2005-2174 | 1 Mozilla | 1 Bugzilla | 2024-09-17 | N/A |
Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete. | ||||
CVE-2003-0654 | 1 Autorespond | 1 Autorespond | 2024-09-17 | N/A |
Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail. | ||||
CVE-2003-1527 | 2 Ibm, Iss | 2 Internet Security Systems Blackice Defender, Blackice Server Protection | 2024-09-17 | N/A |
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | ||||
CVE-2010-0587 | 1 Cisco | 1 Unified Communications Manager | 2024-09-17 | N/A |
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985. | ||||
CVE-2005-2228 | 1 Bdc Enterprises | 1 Web Wiz Forums | 2024-09-17 | N/A |
Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message titles of a hidden forum. | ||||
CVE-2022-40216 | 1 Wordplus | 1 Better Messages | 2024-09-17 | 4.3 Medium |
Auth. (subscriber+) Messaging Block Bypass vulnerability in Better Messages plugin <= 1.9.10.69 on WordPress. | ||||
CVE-2010-5264 | 1 Prof-uis | 1 Prof-uis | 2024-09-17 | N/A |
Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ProfUIS290m.dll and ProfUIS290m-RDE.dll in Prof-UIS before 2.9.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: some of these details are obtained from third party information. | ||||
CVE-2005-1308 | 1 Inter7 | 1 Sqwebmail | 2024-09-17 | N/A |
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML. |