Total: 29869 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3236 | 1 Thinkfactory | 1 Thinkwms | 2025-04-03 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) index.php or (b) printarticle.php, and the (2) catid parameter in index.php.
| CVE-2005-0875 | 1 Cerulean Studios | 1 Trillian | 2025-04-03 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header.
| CVE-1999-1213 | 1 Hp | 1 Hp-ux | 2025-04-03 | 5.0 MEDIUM | N/A |
Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service.
| CVE-2005-0497 | 1 Adp | 1 Elite System Max 9000 | 2025-04-03 | 7.2 HIGH | N/A |
ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory.
| CVE-2003-1069 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).
| CVE-1999-0076 | 1 Washington University | 1 Wu-ftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
Buffer overflow in wu-ftp from PASV command causes a core dump.
| CVE-2002-0193 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.
| CVE-2005-3492 | 1 Johannes F. Kuhlmann | 1 Flatfrag | 2025-04-03 | 5.0 MEDIUM | N/A |
FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference.
| CVE-2006-0227 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.6 LOW | N/A |
Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.
| CVE-2004-1278 | 2 Abc2ps, John Chambers | 2 Abc2ps, Jcabc2ps | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in the switch_voice function in parse.c for jcabc2ps 20040902 allows remote attackers to execute arbitrary code via a crafted ABC file.
| CVE-2005-1554 | 1 Wowbb | 1 Wowbb Web Forum | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and 1.62 allows remote attackers to execute arbitrary SQL commands via the sort_by parameter.
| CVE-2005-2553 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program.
| CVE-2001-1384 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
| CVE-2005-2085 | 1 Infradig Systems | 1 Inframail Advantage | 2025-04-03 | 5.0 MEDIUM | N/A |
Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command.
| CVE-2004-0829 | 1 Samba | 1 Samba | 2025-04-03 | 5.0 MEDIUM | N/A |
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.
| CVE-2002-1195 | 1 Gabriele Bartolini | 1 Ht Check | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page.
| CVE-2006-3197 | 1 Invision Power Services | 1 Invision Power Board | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a POST that contains hexadecimal-encoded HTML.
| CVE-2004-1905 | 1 Panda | 1 Activescan | 2025-04-03 | 5.0 MEDIUM | N/A |
ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause a denial of service (crash) by calling the SetSitesFile function.
| CVE-2006-2003 | 1 Community Architect | 1 Community Architect Guestbook | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in cgi-bin/guest in Community Architect Guestbook allows remote attackers to inject arbitrary web script or HTML by signing the guestbook, which is displayed by fsguestbook.html. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| CVE-2005-0460 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-03 | 5.0 MEDIUM | N/A |
index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter.
| CVE-2005-0078 | 3 Debian, Kde, Redhat | 5 Debian Linux, Kde, Enterprise Linux and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A |
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
| CVE-2005-2535 | 1 Broadcom | 4 Arcserve Backup 2000, Brightstor Arcserve Backup, Brightstor Arcserve Backup Hp and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
| CVE-2005-3556 | 1 Tincan | 1 Phplist | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php, (3) title field in (c) admin/template.php, (4) filter, (5) delete, and (6) start parameters in (d) admin/eventlog.php, (7) id parameter in (e) admin/configure.php, (8) find parameter in (f) admin/users.php, (9) start parameter in (g) admin/admin.php, ...
| CVE-2005-4236 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters.
| CVE-2004-0040 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2025-04-03 | 10.0 HIGH | N/A |
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.
| CVE-2005-0773 | 1 Symantec Veritas | 1 Backup Exec | 2025-04-03 | 7.5 HIGH | N/A |
Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument.
| CVE-2006-2591 | 1 E107 | 1 E107 | 2025-04-03 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in e107 before 0.7.5 has unknown impact and remote attack vectors related to an "emailing exploit".
| CVE-2000-0272 | 1 Realnetworks | 1 Realserver | 2025-04-03 | 7.8 HIGH | N/A |
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070.
| CVE-2004-2200 | 1 Duware | 1 Duforum | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via the message text.
| CVE-2005-3683 | 1 Freeftpd | 1 Freeftpd | 2025-04-03 | 7.5 HIGH | N/A |
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
| CVE-2003-0198 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 6.4 MEDIUM | N/A |
Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.
| CVE-2003-0590 | 1 Splatt | 1 Splatt Forum | 2025-04-03 | 7.1 HIGH | N/A |
Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field.
| CVE-2002-2158 | 1 Zendocs | 1 Zentrack | 2025-04-03 | 5.0 MEDIUM | N/A |
zenTrack 2.0.3 and earlier allows remote attackers to obtain the full path to the web root via an invalid ticket ID, which leaks the path in an error message.
| CVE-2001-1540 | 1 David F. Mischler | 1 Iproute | 2025-04-03 | 5.0 MEDIUM | N/A |
IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header.
| CVE-2004-0004 | 1 Openca | 1 Openca | 2025-04-03 | 7.5 HIGH | N/A |
The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer's certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if the certificate's chain is trusted by OpenCA's chain directory, allowing remote attackers to spoof requests from other users.
| CVE-2002-0029 | 2 Astaro, Isc | 2 Security Linux, Bind | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.
| CVE-2005-2533 | 1 Openvpn | 1 Openvpn | 2025-04-03 | 2.1 LOW | N/A |
OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.
| CVE-2001-0791 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 5.0 MEDIUM | N/A |
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access.
| CVE-2003-1169 | 1 Datev | 1 Nutzungskontrolle | 2025-04-03 | 4.6 MEDIUM | N/A |
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.
| CVE-2005-0574 | 1 Cupidsystems | 1 Cis Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the URL.