Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1403 1 Phystech 1 Dhcpcd 2025-04-03 N/A
dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.
CVE-2001-1158 1 Checkpoint 1 Firewall-1 2025-04-03 N/A
Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.
CVE-2001-1198 1 Hp 1 Hp-ux 2025-04-03 N/A
RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.
CVE-2001-1199 1 Steve Kneizys 1 Agora.cgi 2025-04-03 N/A
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
CVE-2006-1792 1 Mailenable 3 Mailenable Enterprise, Mailenable Professional, Mailenable Standard 2025-04-03 N/A
Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected versions, and probably a different vulnerability than CVE-2006-1337.
CVE-2001-1200 1 Microsoft 1 Windows Xp 2025-04-03 N/A
Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.
CVE-2005-0612 1 Cisco 7 Ipvc-3510-mcu, Ipvc-3520-gw-2b, Ipvc-3520-gw-2b2v and 4 more 2025-04-03 N/A
Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify configuration.
CVE-2006-2689 1 Eva-web 1 Eva-web 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in EVA-Web 2.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) debut_image parameter in (a) article-album.php3, (2) date parameter in (b) rubrique.php3, and the (3) perso and (4) aide parameters to (c) an unknown script, probably index.php.
CVE-2001-1218 1 Microsoft 1 Ie 2025-04-03 N/A
Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window.
CVE-2001-1219 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location.
CVE-2006-2873 1 Enigma Haber 1 Enigma Haber 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in hava.asp in Enigma Haber 4.2 allows remote attackers to inject arbitrary web script or HTML via the il parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-4525 1 Devellion 1 Cubecart 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the links array.
CVE-2001-1224 1 Les Vanbrunt 1 Adrotate Pro 2025-04-03 N/A
get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack.
CVE-2002-1434 1 Kerio 1 Kerio Mailserver 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 allow remote attackers to execute HTML script as other users via certain URLs.
CVE-2003-0748 1 Sap 1 Internet Transaction Server 2025-04-03 N/A
Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the ~theme parameter and a ~template parameter with a filename followed by space characters, which can prevent SAP from effectively adding a .html extension to the filename.
CVE-2001-1230 2 Icecast, Redhat 2 Icecast, Powertools 2025-04-03 N/A
Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
CVE-2005-3564 1 Hp 1 Hp-ux 2025-04-03 N/A
envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors.
CVE-2006-4964 1 Maxdev 1 Md-pro 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before 20060918 allows remote attackers to inject arbitrary web script or HTML via (1) vectors that bypass the XSS protection mechanisms of the pnVarCleanFromInput function, and (2) unspecified vectors related to the AntiCracker.
CVE-2000-0318 1 Atrium Software 1 Mercur Mailserver 2025-04-03 N/A
Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack.
CVE-2005-0635 1 Foxmail 1 Foxmail Email Server 2025-04-03 N/A
Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command.