Total
315 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6899 | 2 Bluez Project, Redhat | 2 Bluez, Enterprise Linux | 2025-04-09 | N/A |
| hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack. | ||||
| CVE-2008-6638 | 1 Versalsoft | 1 Http File Upload Activex Control | 2025-04-09 | N/A |
| Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote attackers to delete arbitrary files via the RemoveFileOrDir method. | ||||
| CVE-2009-1211 | 1 Bluecoat | 19 Proxysg, Proxysg Sg210-10, Proxysg Sg210-25 and 16 more | 2025-04-09 | N/A |
| Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header. | ||||
| CVE-2002-2263 | 1 Hp | 2 Hp-ux, Visualize Conference Ftp | 2025-04-03 | N/A |
| The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files. | ||||
| CVE-2003-1457 | 1 Auerswald | 1 Comsuite Cti Controlcenter | 2025-04-03 | N/A |
| Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access. | ||||
| CVE-2003-1452 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | N/A |
| Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program. | ||||
| CVE-2002-2234 | 1 Netscreen | 1 Screenos | 2025-04-03 | N/A |
| NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests. | ||||
| CVE-2003-1449 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2025-04-03 | N/A |
| Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection. | ||||
| CVE-2003-1422 | 1 Gentoo | 1 Syslinux | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors. | ||||
| CVE-2002-2247 | 1 Mambo | 1 Mambo Site Server | 2025-04-03 | N/A |
| The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function. | ||||
| CVE-2002-2373 | 1 Apple | 2 Apple Laserwriter, Tcp Ip Configuration Utility | 2025-04-03 | N/A |
| The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. | ||||
| CVE-2002-2285 | 1 Broadcom | 1 Inoculateit | 2025-04-03 | N/A |
| eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection. | ||||
| CVE-1999-0875 | 2 Microsoft, Sun | 5 Windows 2000, Windows 95, Windows 98se and 2 more | 2025-04-03 | N/A |
| DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. | ||||
| CVE-2002-2331 | 1 Cascadesoft | 1 W3mail | 2025-04-03 | N/A |
| W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by sending code in MIME attachments, then requesting the attachments. | ||||
| CVE-2002-2335 | 1 John Drake | 1 Killer Protection | 2025-04-03 | N/A |
| Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protection.php. | ||||
| CVE-2003-1352 | 1 Gabber | 1 Gabber | 2025-04-03 | N/A |
| Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing. | ||||
| CVE-2006-0848 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. | ||||
| CVE-2003-1357 | 2 Microsoft, Replicom | 2 Windows Nt, Proxyview | 2025-04-03 | N/A |
| ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access. | ||||
| CVE-2004-2692 | 1 Kyberdigi Labs | 1 Php-exec-dir | 2025-04-03 | N/A |
| The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd function. | ||||
| CVE-2002-2280 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server. | ||||