Services
CVE Board
Type de vulnerabilité
CVE
Authentication Issues
110
Buffer Errors
740
Code Injection
499
Configuration
55
Credentials Management
54
Cross-Site Request Forgery (CSRF)
75
Cross-Site Scripting (XSS)
817
Cryptographic Issues
37
Design Error
300
Format String Vulnerability
38
Information Leak / Disclosure
175
Input Validation
377
Insufficient Information
367
Link Following
12
Not in CWE
6
Numeric Errors
143
OS Command Injections
7
Other
14
Path Traversal
355
Permissions, Privileges, and Access Control
295
Race Conditions
13
Resource Management Errors
168
SQL Injection
700
Realm CMS 2.3 and earlier allows remote attackers ...
Unspecified vulnerability in Sun Java System Appli ...
The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mai ...
miniBB 2.2, and possibly earlier, when register_gl ...
Open redirect vulnerability in WebID/IISWebAgentIF ...
The AssignUser function in template.class.php in P ...
BadBlue 2.72 Personal Edition stores multiple prog ...
Unspecified vulnerability in phpMyAdmin before 2.1 ...
phpdemo/viewsource.php in Advanced Software Engine ...
WoltLab Community Framework (WCF) 1.0.6 in WoltLab ...
PHP-Nuke Platinum 7.6.b.5 allows remote attackers ...
The PPTP VPN service in Watchguard Firebox before ...
CFNetwork in Safari in Apple Mac OS X before 10.5. ...
Wiki Server in Apple Mac OS X 10.5 before 10.5.3 a ...
BolinOS 4.6.1 allows remote attackers to obtain se ...
ZyXEL Prestige routers, including P-660, P-661, an ...
PEEL, possibly 3.x and earlier, allows remote atta ...
Multiple unspecified vulnerabilities in Roundup be ...
Unspecified vulnerability in the Windows client AP ...
Unspecified vulnerability in MediaWiki 1.11 before ...
ViewVC before 1.0.5 provides revision metadata wit ...
ViewVC before 1.0.5 stores sensitive information u ...
ViewVC before 1.0.5 includes "all-forbidden" files ...
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might ...
mod_userdir in lighttpd 1.4.18 and earlier, when u ...
The Linksys WRT54G router stores passwords and key ...
b_banner.stm (aka the login page) on the Deutsche ...
Juniper Networks Secure Access 2000 5.5 R1 (build ...
Flyspray 0.9.9.4 generates different error message ...
Unspecified vulnerability in the Multicast Virtual ...
Cisco Network Admission Control (NAC) Appliance 3. ...
OMEGA (aka Omegasoft) INterneSErvicesLosungen (INS ...
Vocera Communications wireless handsets, when usin ...
Cisco Unified Wireless IP Phone 7921, when using P ...
mod_cgi in lighttpd 1.4.18 sends the source code o ...
The scheduler in CUPS in Apple Mac OS X 10.5 befor ...
Apple QuickTime before 7.4.5 does not properly han ...
The Printing component in Apple Mac OS X 10.5.2 us ...
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 w ...
Double-Take 5.0.0.2865 and earlier, distributed un ...
Unspecified vulnerability in the download servlet ...
BEA WebLogic Server and Express 7.0 through 10.0 a ...
BEA WebLogic Server and WebLogic Express 9.0 and 9 ...
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 b ...
admin/SA_shipFedExMeter.asp in CandyPress (CP) 4.1 ...
Level Platforms, Inc. (LPI) Managed Workplace Serv ...
Gecko-based browsers, including Mozilla Firefox be ...
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in M ...
Kayako SupportSuite 3.11.01 allows remote attacker ...
Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earl ...
PhotoKorn allows remote attackers to obtain databa ...
PHP Webquest 2.6 allows remote attackers to retrie ...
WordPress 2.0.11 and earlier allows remote attacke ...
WordPress 2.2.x and 2.3.x allows remote attackers ...
Snitz Forums 2000 3.4.05 allows remote attackers t ...
CoreServices in Apple Mac OS X 10.4.11 treats .ief ...
CFNetwork in Apple Mac OS X 10.4.11 allows remote ...
Parental Controls in Apple Mac OS X 10.5 through 1 ...
goform/QuickStart_c0 on the GoAhead Web Server on ...
2z project 0.9.6.1 allows remote attackers to obta ...
OpenBiblio 0.5.2-pre4 and earlier allows remote at ...
OpenBiblio 0.5.2-pre4 and earlier allows remote at ...
The Custom Button Installer dialog in Google Toolb ...
Opera before 9.25 allows remote attackers to obtai ...
Apache HTTP Server, when running on Linux with a d ...
HP eSupportDiagnostics ActiveX control (hpediag.dl ...
PHP MySQL Banner Exchange 2.2.1 stores sensitive i ...
Hosting Controller 6.1 Hot fix 3.3 and earlier all ...
GF-3XPLORER 2.4 allows remote attackers to obtain ...
IBM Tivoli Provisioning Manager Express provides u ...
Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earli ...
TuMusika Evolution 1.7R5 allows remote attackers t ...
The Plumtree portal in BEA AquaLogic Interaction 5 ...
The web management interface in Citrix NetScaler 8 ...
The HTTP daemon in the Cisco Unified IP Phone, whe ...
index.php in Tilde CMS 4.x and earlier allows remo ...
The SIP component in Ingate Firewall before 4.6.0 ...
The CryptGenRandom function in Microsoft Windows 2 ...
X.Org Xserver before 1.4.1 allows local users to d ...
The LOB functionality in PEAR MDB2 before 2.5.0a1 ...
The modules/mdop.m in the Cypress 1.0k script for ...
The output_add_rewrite_var function in PHP before ...
dialog.php in CONTENTCustomizer 3.1mp and earlier ...
Mobile Spy (1) stores login credentials in clearte ...
index.php in the File Manager module in Flatnuke 3 ...
LiteSpeed Web Server before 3.2.4 allows remote at ...
The Nortel UNIStim IP Softphone 2050, IP Phone 114 ...
The Nortel UNIStim IP Softphone 2050, IP Phone 114 ...
Oracle allows remote attackers to obtain server me ...
Unspecified vulnerability in Cisco IOS allows remo ...
StaticFileHandler.cs in System.Web in Mono before ...
CMS Made Simple 1.1.3.1 allows remote attackers to ...
CA (formerly Computer Associates) eTrust ITM (Thre ...
Stride 1.0 has a default administrator username of ...
include/imageupload.js in the MyFTPUploader module ...
The 3Com 3CRWER100-75 router with 1.2.10ww softwar ...
Layton HelpBox 3.7.1 generates different responses ...
Rails before 1.2.4, as used for Ruby on Rails, all ...
Mozilla Firefox before 2.0.0.8 and SeaMonkey befor ...
Mozilla Firefox 2.0 before 2.0.0.8 allows remote a ...
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through ...
Battlefront Dropteam 1.3.3 and earlier sends the c ...
Unspecified vulnerability in the SSL implementatio ...
Unspecified vulnerability in the SSL implementatio ...
Quicksilver Forums before 1.4.1 allows remote atta ...
SimpGB 1.46.02 stores sensitive information under ...
ELinks before 0.11.3, when sending a POST request ...
Dibbler 0.6.0 on Linux uses weak world-writable pe ...
Unspecified vulnerability in certain IBM Tivoli St ...
The SOCKS4 Proxy in Microsoft Internet Security an ...
SAXON 5.4, with display_errors enabled, allows rem ...
Safari in Apple Mac OS X 10.4 through 10.4.10 allo ...
The Services API in Firebird before 2.0.2 allows r ...
Multiple directory traversal vulnerabilities in CG ...
The DNS server in Microsoft Windows 2000 Server SP ...
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before ...
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5. ...
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5. ...
Mbedthis AppWeb before 2.2.2 enables the HTTP TRAC ...
Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107 ...
QuickTime for Java in Apple Quicktime before 7.2 d ...
Apache Axis 1.0 allows remote attackers to obtain ...
Exponent CMS 0.96.6 Alpha and earlier allows remot ...
Adobe Macromedia Flash Player 7 and 9, when used w ...
inc/filebrowser/browser.php in deV!L`z Clanportal ...
Pearson Education PowerSchool 4.3.6 allows remote ...
Unspecified vulnerability in LifeType before 1.1.6 ...
Interpretation conflict in ASP.NET in Microsoft .N ...
The web portal interface in Citrix Access Gateway ...
attachment.php in Headstart Solutions DeskPRO allo ...
muforum (µforum) 0.4c stores membres/members. ...
Multiple unspecified vulnerabilities in IBM WebSph ...
BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB ...
A component in Microsoft Outlook Express 6 allows ...
TYPO3 3.8.0 and earlier allows remote attackers to ...
Unspecified vulnerability in Jetty before 5.1.6 al ...
modifyUser.asp in Cool Cafe (Cool Café) Chat ...
** DISPUTED ** JavaMail API 1.1.3 through 1.3, as ...
Novell iChain Mini FTP Server 2.3 displays differe ...
viewreport.pl in NetIQ WebTrends Reporting Center ...
Unspecified vulnerability in Tincan Limited PHPlis ...
ScozNet ScozBook 1.1 BETA allows remote attackers ...
Haakon Nilsen Simple Internet Publishing System (S ...
XOOPS 2.0, and possibly earlier versions, allows r ...
MyABraCaDaWeb 1.0.2 and earlier allows remote atta ...
WF-Chat 1.0 Beta stores sensitive information unde ...
Justice Guestbook 1.3 allows remote attackers to o ...
PHP-Nuke 7.0 allows remote attackers to obtain the ...
cart.pl in Dansie shopping cart allows remote atta ...
Phorum 3.4 through 3.4.2 allows remote attackers t ...
CommuniGate Pro 3.1 through 4.0.6 sends the sessio ...
The default configuration of ColdFusion MX has the ...
The Web_Links module in PHP-Nuke 6.0 through 6.5 f ...
Apache HTTP Server 1.3.22 through 1.3.27 on OpenBS ...
TOPo 1.43 allows remote attackers to obtain sensit ...
Lotus Domino Server 5.0 and 6.0 allows remote atta ...
DotBr 0.1 stores config.inc with insufficient acce ...
Cisco IOS 12.0 through 12.2, when IP routing is di ...
clarkconnectd in ClarkConnect Linux 1.2 allows rem ...
ProxyView has a default administrator password of ...
Trend Micro Virus Control System (TVCS) Log Collec ...
VisNetic WebSite 3.5 allows remote attackers to ob ...
openwebmail.pl in Open WebMail 1.7 and 1.71 reveal ...
Photon microGUI in QNX Neutrino realtime operating ...
NetDSL ADSL Modem 800 with Microsoft Network firmw ...
Perception LiteServe 2.0 allows remote attackers t ...
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo ...
phpBB 2.0 through 2.0.3 generates names for upload ...
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2 ...
Memory leak in the (1) httpd, (2) nntpd, and (3) v ...
soinfo.php in BadBlue 1.7.1 calls the phpinfo func ...
Mambo Site Server 4.0.11 allows remote attackers t ...
Ultimate PHP Board (UPB) 1.0 allows remote attacke ...
IIS 5 and 5.1 supporting WebDAV methods allows rem ...
IIS 4.0 allows remote attackers to obtain the inte ...
