Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4884 1 Idevspot 1 Isupport 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers to inject arbitrary web script or HTML via (1) the suser parameter in support/rightbar.php, (2) the ticket_id parameter in support/open_tickets.php, and (3) the cons_page_title parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-1999-0440 2 Netscape, Sun 3 Communicator, Navigator, Java 2025-04-03 N/A
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
CVE-2002-0382 2 Redhat, Xchat 3 Enterprise Linux, Linux, Xchat 2025-04-03 N/A
XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters.
CVE-1999-0441 1 Qbik 1 Wingate 2025-04-03 N/A
Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service.
CVE-2005-3725 1 Zyxel 1 Prestige 2000w V.1voip Wi-fi Phone 2025-04-03 N/A
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote attackers to cause a denial of service or hijack Zyxel phones by attacking or spoofing the hardcoded DNS servers. NOTE: it could be argued that this issue reflects an inherent limitation of DNS itself, so perhaps it should not be included in CVE.
CVE-1999-0444 1 Microsoft 3 Windows 95, Windows 98, Windows Nt 2025-04-03 N/A
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
CVE-2002-0387 1 Sun 1 One Application Server 2025-04-03 N/A
Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.
CVE-2005-3304 1 Francisco Burzi 1 Php-nuke 2025-04-03 N/A
Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module.
CVE-2003-0797 1 Sgi 1 Irix 2025-04-03 N/A
Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors.
CVE-2005-3315 1 Novell 1 Zenworks Patch Management Server 2025-04-03 N/A
Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp.
CVE-2001-0428 1 Cisco 1 Vpn 3000 Concentrator Series Software 2025-04-03 N/A
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
CVE-2003-0827 1 Ibm 1 Db2 Universal Database 2025-04-03 N/A
The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523.
CVE-2005-3316 1 Symantec 2 Discovery, On Command Discovery 2025-04-03 N/A
The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password.
CVE-2003-0830 1 Marbles 1 Marbles 2025-04-03 N/A
Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable.
CVE-2003-0832 1 Webfs 1 Webfs 2025-04-03 N/A
Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.
CVE-2003-0842 1 Dag Apt Repository 1 Mod Gzip 2025-04-03 N/A
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.
CVE-2003-0856 2 Redhat, Stephen Hemminger 3 Enterprise Linux, Linux, Iproute 2025-04-03 N/A
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.
CVE-2003-0859 5 Gnu, Intel, Quagga and 2 more 8 Glibc, Zebra, Ia64 and 5 more 2025-04-03 N/A
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-2003-0864 1 Ircnet 1 Ircnet Ircd 2025-04-03 N/A
Buffer overflow in m_join in channel.c for IRCnet IRCD 2.10.x to 2.10.3p3 allows remote attackers to cause a denial of service.
CVE-2003-0866 1 Apache 1 Tomcat 2025-04-03 N/A
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.