Total
29869 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1934 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.
|
|||||
| CVE-2004-0445 | 1 Symantec | 5 Client Firewall, Client Security, Norton Antispam and 2 more | 2025-04-03 | 2.6 LOW | N/A |
|
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
|
|||||
| CVE-2003-1313 | 1 Eternalmart | 1 Mailing List Manager | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php.
|
|||||
| CVE-2005-1312 | 1 Yappa-ng | 1 Yappa-ng | 2025-04-03 | 7.5 HIGH | N/A |
|
PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors.
|
|||||
| CVE-1999-1488 | 1 Ibm | 1 System Data Repository | 2025-04-03 | 5.0 MEDIUM | N/A |
|
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
|
|||||
| CVE-2006-0970 | 1 Activecampaign | 6 1-2-all, General, Isalient and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
|
PHP remote file inclusion vulnerability in index.php in one or more ActiveCampaign products, possibly SupportTrio, allows remote attackers to include and execute arbitrary files via the page parameter.
|
|||||
| CVE-1999-0350 | 1 Rational Software | 1 Clearcase | 2025-04-03 | 6.2 MEDIUM | N/A |
|
Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits.
|
|||||
| CVE-2006-1065 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 5.0 MEDIUM | N/A |
|
SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter.
|
|||||
| CVE-2004-1342 | 1 Cvs | 1 Cvs | 2025-04-03 | 7.5 HIGH | N/A |
|
CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.
|
|||||
| CVE-1999-0771 | 1 Compaq | 2 Insight Management Agent, Power Management | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack.
|
|||||
| CVE-1999-0938 | 1 University College London | 1 Sdr | 2025-04-03 | 7.5 HIGH | N/A |
|
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages.
|
|||||
| CVE-2006-0632 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 6.4 MEDIUM | N/A |
|
The gen_rand_string function in phpBB 2.0.19 uses insufficiently random data (small value space) to create the activation key ("validation ID") that is sent by e-mail when establishing a password, which makes it easier for remote attackers to obtain the key and modify passwords for existing accounts or create new accounts.
|
|||||
| CVE-2006-0794 | 1 V-webmail | 1 V-webmail | 2025-04-03 | 5.0 MEDIUM | N/A |
|
help.php in V-webmail 1.6.2 allows remote attackers to obtain the installation path via unspecified invalid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2000-0626 | 1 Computer Software Manufaktur | 1 Alibaba | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET request.
|
|||||
| CVE-2006-1186 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 10.0 HIGH | N/A |
|
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.
|
|||||
| CVE-2001-0405 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
|
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
|
|||||
| CVE-2004-1227 | 1 Sugarcrm | 1 Sugar Sales | 2025-04-03 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the (1) module, (2) action, or (3) theme parameters to index.php, (4) the theme parameter to Login.php, and possibly other parameters or scripts.
|
|||||
| CVE-2005-2586 | 1 Mentor | 1 Adslfr4ii | 2025-04-03 | 2.1 LOW | N/A |
|
Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web administration password in cleartext in the backup configuration file, which allows local users to obtain sensitive information.
|
|||||
| CVE-2004-0697 | 1 4d | 1 Webstar | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information.
|
|||||
| CVE-2005-1869 | 1 Appindex | 1 Mwchat | 2025-04-03 | 7.5 HIGH | N/A |
|
PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIG[MWCHAT_Libs] parameter.
|
|||||
| CVE-2004-1804 | 1 Invicta | 1 Wmcam Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
wMCam server 2.1.348 allows remote attackers to cause a denial of service (no new connections) via multiple malformed HTTP requests without the GET command.
|
|||||
| CVE-2004-1359 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
|
|||||
| CVE-2006-1518 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 6.5 MEDIUM | N/A |
|
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
|
|||||
| CVE-2004-1534 | 1 Zonelabs | 1 Zonealarm | 2025-04-03 | 5.0 MEDIUM | N/A |
|
ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript.
|
|||||
| CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request.
|
|||||
| CVE-1999-1510 | 1 Bisonware | 1 Bisonware Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
|
|||||
| CVE-2004-2457 | 1 3com | 1 3crwe754g72-a | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic.
|
|||||
| CVE-2000-0452 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command.
|
|||||
| CVE-2001-0687 | 1 Transsoft | 1 Broker Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename).
|
|||||
| CVE-2000-0388 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable.
|
|||||
| CVE-2005-0802 | 1 Asp Press | 1 Acs Blog | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 through 1.1b allows remote attackers to execute arbitrary web script or HTML via the search parameter.
|
|||||
| CVE-2004-1170 | 3 Gnu, Sun, Suse | 3 A2ps, Java Desktop System, Suse Linux | 2025-04-03 | 10.0 HIGH | N/A |
|
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
|
|||||
| CVE-2001-0991 | 1 Scott R. Lemmon | 1 Proxomitron Naoko-4 | 2025-04-03 | 7.5 HIGH | N/A |
|
Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and earlier allows remote attackers to execute arbitrary script on other clients via an incorrect URL containing the malicious script, which is printed back in an error message.
|
|||||
| CVE-1999-0716 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
|
|||||
| CVE-2005-4786 | 1 Hauri | 3 Hauri Livecall, Virobot, Vrazmain.dll | 2025-04-03 | 4.0 MEDIUM | N/A |
|
Buffer overflow in the archive decompression library (vrAZMain.dll 5.8.22.137), as used in HAURI anti-virus products including (1) ViRobot Expert 4.0, (2) ViRobot Advanced Server, and (3) HAURI LiveCall, allows user-assisted attackers to execute arbitrary code via an ALZ archive containing a file with a long filename.
|
|||||
| CVE-2005-3323 | 2 Debian, Zope | 2 Debian Linux, Zope | 2025-04-03 | 7.5 HIGH | N/A |
|
docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.
|
|||||
| CVE-2006-1768 | 1 Tritanium Scripts | 1 Tritanium Bulletin Board | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php.
|
|||||
| CVE-1999-0149 | 1 Sgi | 1 Irix | 2025-04-03 | 7.5 HIGH | N/A |
|
The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.
|
|||||
| CVE-2002-0612 | 1 Craig Patchett | 1 Fileseek | 2025-04-03 | 7.5 HIGH | N/A |
|
FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters.
|
|||||
| CVE-2006-2744 | 1 Facile Interactive Web | 1 Facile Interactive Web | 2025-04-03 | 7.5 HIGH | N/A |
|
PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter.
|
|||||