Total: 29109 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
---|---|---|---|---|---|
CVE-2005-2517 | 1 Apple | 2 Mac Os X, Safari | 2024-09-17 | N/A | Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site. |
CVE-2005-1673 | 1 Ubertec | 1 Help Center Live | 2024-09-17 | N/A | Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php. |
CVE-2022-38134 | 1 Cusrev | 1 Customer Reviews For Woocommerce | 2024-09-17 | 4.3 Medium | Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress. |
CVE-2002-2029 | 1 Apache | 1 Http Server | 2024-09-17 | N/A | PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string. |
CVE-2005-4423 | 1 Phpfm | 1 Phpfm | 2024-09-17 | N/A | Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell." |
CVE-2002-2043 | 1 Cyrus | 1 Sasl | 2024-09-17 | N/A | SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password. |
CVE-2002-2206 | 1 Symantec | 1 Norton Antivirus | 2024-09-17 | N/A | The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries. |
CVE-2005-4660 | 1 Ipcop | 1 Ipcop | 2024-09-17 | N/A | Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted, then executing ipcoprscfg to restore from this backup. |
CVE-2009-4323 | 1 Zen-cart | 1 Zen Cart | 2024-09-17 | N/A | The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322. |
CVE-2004-2147 | 1 Symantec | 1 Norton Antivirus | 2024-09-17 | N/A | Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body. |
CVE-2002-2161 | 1 Kerio | 1 Personal Firewall | 2024-09-17 | N/A | Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood. |
CVE-2009-0618 | 1 Cisco | 1 Application Networking Manager | 2024-09-17 | N/A | Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files. |
CVE-2002-2152 | 1 Software602 | 1 602pro Lan Suite | 2024-09-17 | N/A | The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected. |
CVE-2022-36425 | 1 Fastlinemedia | 1 Beaver Builder | 2024-09-17 | 5.4 Medium | Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress. |
CVE-2011-4768 | 1 Parallels | 1 Parallels Plesk Small Business Panel | 2024-09-17 | N/A | The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving Wizard/Edit/Modules/Image and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue. |
CVE-2005-2994 | 1 Ibm | 1 Rational Clearquest | 2024-09-17 | N/A | Unspecified vulnerability in the web client for IBM Rational ClearQuest 2002.05.00 and 2002.05.20, and 2003.06.00 through 2003.06.15 before SR5, allows remote attackers to execute XML Style Sheets (XSS). |
CVE-2010-1756 | 1 Apple | 2 Iphone Os, Ipod Touch | 2024-09-17 | N/A | The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. |
CVE-2005-2216 | 1 Photogal | 1 Photogal Photo Gallery | 2024-09-17 | N/A | PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and earlier allows remote attackers to execute arbitrary code via the news_file parameter. |
CVE-2002-2197 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A | Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. |
CVE-2002-1786 | 1 Sgi | 1 Irix | 2024-09-17 | N/A | SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information. |