CVE Board

| Vulnerability type | CVEs |
| --- | --- |
| Authentication Issues | 110 |
| Buffer Errors | 740 |
| Code Injection | 499 |
| Configuration | 55 |
| Credentials Management | 54 |
| Cross-Site Request Forgery (CSRF) | 75 |
| Cross-Site Scripting (XSS) | 817 |
| Cryptographic Issues | 37 |
| Design Error | 300 |
| Format String Vulnerability | 38 |
| Information Leak / Disclosure | 175 |
| Input Validation | 377 |
| Insufficient Information | 367 |
| Link Following | 12 |
| Not in CWE | 6 |
| Numeric Errors | 143 |
| OS Command Injections | 7 |
| Other | 14 |
| Path Traversal | 355 |
| Permissions, Privileges, and Access Control | 295 |
| Race Conditions | 13 |
| Resource Management Errors | 168 |
| SQL Injection | 700 |

_RealmAdmin/login.asp in Realm CMS 2.3 and earlier ...
Unrestricted file upload vulnerability in upload/u ...
The DownloaderActiveX Control (DownloaderActiveX.o ...
Apple Safari does not prompt the user before downl ...
admin/userform.php in RoomPHPlanning 1.5 does not ...
The OCSP functionality in stunnel before 4.24 does ...
The Admin Server in Sun Java Active Server Pages ( ...
Unrestricted file upload vulnerability in WordPres ...
Zomplog 3.8.2 and earlier allows remote attackers ...
MeltingIce File System 1.0 allows remote attackers ...
AlkalinePHP 0.77.35 and earlier allows remote atta ...
News Manager 2.0 allows remote attackers to bypass ...
Interspire ActiveKB 1.5 and earlier allows remote ...
Unspecified vulnerability in Citrix Presentation S ...
The admin.php file in Rantx allows remote attacker ...
Pet Grooming Management System 2.0 allows remote a ...
admin.php in Multi-Page Comment System (MPCS) 1.0 ...
The Site Documentation Drupal module 5.x before 5. ...
Unspecified vulnerability in the export feature in ...
Unrestricted file upload vulnerability in src/yopy ...
Multiple unspecified vulnerabilities in Robin Raws ...
wp-includes/vars.php in WordPress before 2.2.3 doe ...
Oracle Application Server (OracleAS) Portal 10g al ...
email_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.3 ...
The WebService in Bugzilla 3.1.3 allows remote aut ...
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5. ...
Robocode before 1.6.0 allows user-assisted remote ...
Cisco Adaptive Security Appliance (ASA) and Cisco ...
The CAPTCHA implementation as used in (1) Francisc ...
Simple Machines Forum (SMF), probably 1.1.4, relie ...
Sun Java System Directory Proxy Server 6.0, 6.1, a ...
Acidcat CMS 3.4.1 does not restrict access to the ...
Unrestricted file upload vulnerability in the file ...
phShoutBox Final 1.5 and earlier only checks passw ...
Sony Mylo COM-2 Japanese model firmware before 1.0 ...
The user form processing (userform.py) in MoinMoin ...
swfdec_load_object.c in Swfdec before 0.6.4 does n ...
Unrestricted file upload vulnerability in iScripts ...
Prozilla Topsites 1.0 allows remote attackers to p ...
Prozilla Reviews 1.0 allows remote attackers to de ...
CRLF injection vulnerability in Akamai Download Ma ...
The Simple Access module for Drupal 5.x through 5. ...
Unspecified vulnerability in IBM DB2 Content Manag ...
OpenSSH 4.4 and other versions before 4.9 allows r ...
Adobe ColdFusion 8 and 8.0.1 does not properly imp ...
CDS Invenio 0.92.1 and earlier allows remote authe ...
The BMP and GIF image decoding engine in ImageIO i ...
ZyXEL Prestige routers, including P-660 and P-661 ...
The SOAP interface in OTRS 2.1.x before 2.1.8 and ...
The password reset feature in PunBB 1.2.16 and ear ...
The xml-rpc server in Roundup 1.4.4 does not check ...
Microsoft Windows XP Professional SP2, Vista, and ...
Check Point VPN-1 Power/UTM, with NGX R60 through ...
A certain incorrect Sun Solaris 10 image on SPARC ...
Unspecified vulnerability in Asterisk Open Source ...
Unspecified vulnerability in the Windows client AP ...
The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) fir ...
The ZyXEL P-660HW series router maintains authenti ...
The web interface on the Linksys WRT54g router wit ...
The control panel on the Belkin F5D7230-4 router w ...
_macro_Getval in wikimacro.py in MoinMoin 1.5.8 an ...
Unspecified vulnerability in the Internet Protocol ...
The scheduler in CUPS in Apple Mac OS X 10.5 befor ...
Incomplete blacklist vulnerability in CoreTypes in ...
Apple Filing Protocol (AFP) Server in Apple Mac OS ...
Multiple F-Secure anti-virus products, including I ...
Session fixation vulnerability in BEA WebLogic Ser ...
The distributed queue feature in JMS in BEA WebLog ...
Unspecified vulnerability in BEA WebLogic Server 9 ...
BEA WebLogic Portal 10.0 and 9.2 through MP1, when ...
Red Hat Administration Server, as used by Red Hat ...
Admin Tools in BEA WebLogic Portal 8.1 SP3 through ...
IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an un ...
StatCounteX 3.0 and 3.1 allows remote attackers to ...
lib/Driver/sql.php in Turba 2 (turba2) Contact Man ...
Unrestricted file upload vulnerability in image.ph ...
Multiple F-Secure anti-virus products, including I ...
Unspecified vulnerability in the PropFilePasswordE ...
The Linux kernel before 2.6.18.8-0.8 in SUSE openS ...
Unspecified vulnerability in the SSH server in HP ...
ActivationHandler in Magnolia CE 3.5.x before 3.5. ...
Unspecified vulnerability in the ADMIN_SP_C proced ...
IBM DB2 UDB before 8.2 Fixpak 16 does not properly ...
The XML-RPC implementation (xmlrpc.php) in WordPre ...
Multiple unspecified vulnerabilities in the Java R ...
The XML parsing code in Sun Java Runtime Environme ...
The Project Issue Tracking module 5.x-2.x-dev befo ...
The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x ...
Cross-site request forgery (CSRF) vulnerability in ...
Absolute path traversal vulnerability in explorerd ...
Unspecified vulnerability in IBM WebSphere Busines ...
Unspecified vulnerability in OKI C5510MFP Printer ...
8e6 R3000 Internet Filter 2.0.05.33, and other ver ...
admin/index.php in Evilsentinel 1.0.9 and earlier ...
LulieBlog 1.0.1 and 1.0.2 does not restrict access ...
Unspecified vulnerability in cron.php in FreeSeat ...
The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1 ...
admin.php in UploadScript 1.0 does not check for t ...
admin.php in UploadImage 1.0 does not check for th ...
Unrestricted file upload vulnerability in Zero CMS ...
Multiple unspecified vulnerabilities in HP Storage ...
Multiple unspecified vulnerabilities in HP Select ...
Plugin/passwordauth.pm (aka the passwordauth plugi ...
TUTOS 1.3 does not restrict access to php/admin/cm ...
Unspecified vulnerability in glob in PHP before 4. ...
Snitz Forums 2000 3.4.06 and earlier stores sensit ...
The Application Firewall in Apple Mac OS X 10.5.2 ...
Unspecified vulnerability in AFP Server in Apple M ...
X11 in Apple Mac OS X 10.5 through 10.5.1 does not ...
The Cisco Linksys WAG54GS Wireless-G ADSL Gateway ...
The Gallery Remote module in Menalto Gallery befor ...
Unspecified vulnerability in the Publish XP module ...
The b_system_comments_show function in htdocs/modu ...
admin/uploadgames.php in MySpace Content Zone (MCZ ...
Unrestricted file upload vulnerability in fisheye/ ...
Unspecified vulnerability in Joomla! before 1.5 RC ...
Joomla! before 1.5 RC4 allows remote authenticated ...
Creammonkey 0.9 through 1.1 and GreaseKit 1.2 thro ...
March Networks DVR 3204 stores sensitive informati ...
Unspecified vulnerability in the StorageFarabDb mo ...
The Setup Wizard in Atlassian JIRA Enterprise Edit ...
Hot or Not Clone has insufficient access control f ...
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8. ...
Dovecot before 1.0.10, with certain configuration ...
PHP MySQL Banner Exchange 2.2.1 stores sensitive i ...
SpntSvc.exe daemon in Trend Micro ServerProtect 5. ...
Multiple unspecified vulnerabilities in Hosting Co ...
Unspecified vulnerability in Hosting Controller 6. ...
Unspecified vulnerability in Hosting Controller 6. ...
Unspecified vulnerability in Hosting Controller 6. ...
Hosting Controller 6.1 Hot fix 3.3 and earlier (1) ...
Hosting Controller 6.1 Hot fix 3.3 and earlier all ...
inc_newuser.asp in Hosting Controller 6.1 Hot fix ...
Unspecified vulnerability in Plain Black WebGUI 7. ...
Unrestricted file upload vulnerability in the "My ...
phpRPG 0.8 stores sensitive information under the ...
registry.pl in Fonality Trixbox 2.0 PBX products, ...
Sun Solaris 10 with the 120011-04 and 120012-04 pa ...
Flat PHP Board 1.2 and earlier stores sensitive in ...
The DAV component in Chandler Server (Cosmo) befor ...
Gekko 0.8.2 and earlier stores sensitive informati ...
scponly 4.6 and earlier allows remote authenticate ...
Ingres 2.5 and 2.6 on Windows, as used in multiple ...
Multiple unspecified vulnerabilities in Lyris List ...
MySQL Server 5.1.x before 5.1.23 and 6.0.x before ...
The CheckCustomerAccess function in functions.php ...
Unspecified vulnerability in rsync before 3.0.0pre ...
PHPDevShell before 0.7.0 allows remote authenticat ...
Mail in Apple Mac OS X Leopard (10.5.1) allows use ...
AdventNet EventLog Analyzer build 4030 for Windows ...
frame.html in Aida-Web (Aida Web) allows remote at ...
IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect ...
IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect per ...
Unspecified vulnerability in the DB2DART tool in I ...
Invensys Wonderware InTouch 8.0 creates a NetDDE s ...
IMP Webmail Client 4.1.5, Horde Application Framew ...
blocks/shoutbox_block.php in BtiTracker 1.4.4 does ...
details.php in BtiTracker before 1.4.5, when torre ...
MySQL Community Server 5.0.x before 5.0.51, Enterp ...
QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 doe ...
USVN before 0.6.5 allows remote attackers to obtai ...
The reDirect function in lib/controllers/RepViewCo ...
MyWebFTP, possibly 5.3.2, stores sensitive informa ...
Quick Look in Apple Mac OS X 10.5.1 does not preve ...
Quick Look Apple Mac OS X 10.5.1, when previewing ...
Micro Login System 1.0 stores sensitive informatio ...
Blue-Collar Productions i-Gallery 3.4 stores sensi ...
Flatnuke 3 (aka FlatnuX) allows remote attackers t ...
eFileMan 7.1.0.87-88 stores sensitive information ...
Lussumo Vanilla 1.1.3 and earlier does not require ...
The hook_comments API in Drupal 4.7.x before 4.7.8 ...
Cisco Firewall Services Module (FWSM) 3.1(6), and ...
The SMS handler for Windows Mobile 2005 Pocket PC ...
dotProject before 2.1 does not properly check priv ...
** DISPUTED ** OpenSER 1.2.2 does not verify the D ...
Cisco CallManager 5.1.1.3000-5 does not verify the ...
ioncube_loader_win_5.2.dll in the ionCube Loader 6 ...
CMS Made Simple 1.1.3.1 does not check the permiss ...
CMS Made Simple 1.1.3.1 does not check the permiss ...
CA (formerly Computer Associates) eTrust ITM (Thre ...
The conversion utility for converting CiscoWorks W ...
The default catalina.policy in the JULI logging co ...
The Message Engine RPC service in CA BrightStor AR ...
Zomplog 3.8.1 and earlier stores potentially sensi ...
ASP-CMS 1.0 stores sensitive information under the ...
Java Web Start in Sun JDK and JRE 6 Update 2 and e ...
Java Web Start in Sun JDK and JRE 6 Update 2 and e ...
Java Web Start in Sun JDK and JRE 5.0 Update 12 an ...
admin/upload_files.php in Zomplog 3.8.1 and earlie ...
Multiple unspecified vulnerabilities in AlstraSoft ...
Arbor Networks Peakflow SP before 3.5.1 patch 14, ...
Unspecified vulnerability in Quicksilver Forums be ...
Unspecified vulnerability in the embedded service ...
Incomplete blacklist vulnerability in editor/filem ...
Cisco Catalyst 6500 and Cisco 7600 series devices ...
Unspecified vulnerability in IBM Rational ClearQue ...
account.php in Adam Scheinberg Flip 3.0 and earlie ...
The offer_account_by_email function in User.pm in ...
dBlog CMS, probably 2.0, stores sensitive informat ...
CS Guestbook stores sensitive information under th ...
Interpretation conflict in WinSCP before 4.0.4 all ...
SimpNews 2.41.03 stores sensitive information unde ...
curl/interface.c in the cURL library (aka libcurl) ...
The HPRevolutionRegistryManager ActiveX control in ...
reprepro 1.3.0 through 2.2.3 does not properly ver ...
The Aztech DSL600EU router, when WAN access to the ...
Unspecified vulnerability in WebKit on Apple Mac O ...
The default configuration of Safari in Apple Mac O ...
The NSURL component in Apple Mac OS X 10.4 through ...
CFFTP in CFNetwork for Apple Mac OS X 10.4 through ...
The Services API in Firebird before 2.0.2 allows r ...
Unspecified vulnerability in the server in Firebir ...
Unspecified vulnerability in Adobe Connect Enterpr ...
Multiple unspecified vulnerabilities in Gallery be ...
newswire/uploadmedia.cgi in 2coolcode Our Space (O ...
Unrestricted file upload vulnerability in index.ph ...
BEA WebLogic Server 9.1 does not properly handle p ...
Unrestricted file upload vulnerability in config/u ...
eyeOS uses predictable checksum values in the chec ...
A regression error in tcp-wrappers 7.6.dbs-10 and ...
The WebService (XML-RPC) interface in Bugzilla 2.2 ...
Multiple unspecified vulnerabilities in the Intuit ...
The Drupal Project module before 5.x-1.0, 4.7.x-2. ...
The Command Line Interface (CLI), aka Adonis Admin ...
index.php in Ryan Haudenschilt Family Connections ...
Tor before 0.1.2.16, when ControlPort is enabled, ...
The kadm5_modify_policy_internal function in lib/k ...
The (1) MySQL and (2) MySQLi extensions in PHP 4 b ...
MySQL Community Server before 5.0.45 allows remote ...
Xeweb XEForum allows remote attackers to gain priv ...
cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micr ...
Mozilla Firefox before 2.0.0.5, when run on Window ...
The Menu Manager Mod for (1) web-app.net WebAPP (a ...
Apple Safari Beta 3.0.1 for Windows allows remote ...
PHP 5 before 5.2.3 does not enforce the open_based ...
Pheap 2.0 allows remote attackers to bypass authen ...
WabCMS 1.0 stores sensitive information under the ...
The "hit-highlighting" functionality in webhits.dl ...
The IOS FTP Server in Cisco IOS 11.3 through 12.4 ...
Sun Java Web Start in JDK and JRE 5.0 Update 10 an ...
Apple QuickTime for Java 7.1.6 on Mac OS X and Win ...
The Scheduler Service (VxSchedService.exe) in Syma ...
The APOP protocol allows remote attackers to guess ...
Novell Access Management 3 SSLVPN Server allows re ...