Total
29869 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0570 | 1 Centrinity | 1 Firstclass Intranet Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header.
|
|||||
| CVE-1999-0583 | 2025-04-03 | 10.0 HIGH | N/A | ||
|
There is a one-way or two-way trust relationship between Windows NT domains.
|
|||||
| CVE-2005-0364 | 1 Hp | 1 Hp-ux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
|
|||||
| CVE-2001-0544 | 1 Microsoft | 1 Internet Information Services | 2025-04-03 | 2.1 LOW | N/A |
|
IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table.
|
|||||
| CVE-2002-1413 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
|
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection.
|
|||||
| CVE-2005-4695 | 1 Symantec | 1 Brightmail Antispam | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages.
|
|||||
| CVE-2000-0917 | 3 Caldera, Redhat, Trustix | 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
|
|||||
| CVE-2006-1659 | 1 Softbiz | 1 Image Gallery | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Multiple SQL injection vulnerabilities in Softbiz Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in image_desc.php, (2) provided parameter in template.php, (3) cid parameter in suggest_image.php, (4) img_id parameter in insert_rating.php, and (5) cid parameter in images.php.
|
|||||
| CVE-2005-2500 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol.
|
|||||
| CVE-2005-1365 | 1 Pico Server | 1 Pico Server | 2025-04-03 | 10.0 HIGH | N/A |
|
Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences.
|
|||||
| CVE-2003-1123 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 7.5 HIGH | N/A |
|
Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.
|
|||||
| CVE-2006-1385 | 1 Kismac | 1 Kismac | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Stack-based buffer overflow in the parseTaggedData function in WavePacket.mm in KisMAC R54 through R73p allows remote attackers to execute arbitrary code via multiple SSIDs in a Cisco vendor tag in a 802.11 management frame.
|
|||||
| CVE-2004-1580 | 1 Devellion | 1 Cubecart | 2025-04-03 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
|
|||||
| CVE-2005-2426 | 1 Ftpshell | 1 Ftpshell Server | 2025-04-03 | 2.1 LOW | N/A |
|
FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command.
|
|||||
| CVE-2004-0821 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
|
The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges.
|
|||||
| CVE-1999-1086 | 1 Novell | 1 Netware | 2025-04-03 | 10.0 HIGH | N/A |
|
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
|
|||||
| CVE-2005-0810 | 1 Notify Technology | 1 Notifylink | 2025-04-03 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in NotifyLink before 3.0 allows remote attackers to execute arbitrary SQL commands via the URL.
|
|||||
| CVE-2002-1424 | 1 John G. Myers | 1 Mpack | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
|
|||||
| CVE-2006-2947 | 1 Dmx Forum | 1 Dmx Forum | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter.
|
|||||
| CVE-2005-0114 | 2 Checkpoint, Zonelabs | 3 Check Point Integrity Client, Zonealarm, Zonealarm Wireless Security | 2025-04-03 | 2.1 LOW | N/A |
|
vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer.
|
|||||
| CVE-2005-3950 | 1 Nufw | 1 Nufw | 2025-04-03 | 6.8 MEDIUM | N/A |
|
nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users to cause a denial of service via malformed packets.
|
|||||
| CVE-2004-0351 | 1 Spidersales | 1 Spidersales | 2025-04-03 | 2.1 LOW | N/A |
|
Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.
|
|||||
| CVE-2006-3343 | 1 Crisoft Ricette | 1 Crisoft Ricette | 2025-04-03 | 7.5 HIGH | N/A |
|
PHP remote file inclusion vulnerability in recipe/cookbook.php in CrisoftRicette 1.0pre15b allows remote attackers to execute arbitrary PHP code via a URL in the crisoftricette parameter.
|
|||||
| CVE-2006-0846 | 1 Leif M. Wright | 1 Web Blog | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Referer and (2) User-Agent HTTP headers, which are stored in a log file and not sanitized when the administrator views the "Log" page, possibly using the ViewCommentsLog function.
|
|||||
| CVE-2004-2539 | 1 Network Appliance | 2 Data Ontap, Netcache | 2025-04-03 | 7.8 HIGH | N/A |
|
Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vectors, possibly related to unspecified worms, as identified by bug ID
|
|||||
| CVE-2004-1749 | 1 Toplayer | 1 Attack Mitigator | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests.
|
|||||
| CVE-2002-2315 | 1 Cisco | 1 Ios | 2025-04-03 | 7.8 HIGH | N/A |
|
Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router.
|
|||||
| CVE-2005-3891 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | 7.8 HIGH | N/A |
|
Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer.
|
|||||
| CVE-2005-1896 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arbitrary images or obtain the installation path via the image parameter.
|
|||||
| CVE-2003-1029 | 1 Lbl | 1 Tcpdump | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.
|
|||||
| CVE-2001-1581 | 1 Clearswift Limited | 1 Mailsweeper | 2025-04-03 | 7.5 HIGH | N/A |
|
The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows remote attackers to bypass e-mail attachment filtering policies via a modified name in a Content-Type header.
|
|||||
| CVE-2003-1156 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program.
|
|||||
| CVE-2006-4322 | 1 Bits-dont-bite | 1 Estateagent | 2025-04-03 | 7.5 HIGH | N/A |
|
PHP remote file inclusion vulnerability in estateagent.php in the EstateAgent component (com_estateagent) for Mambo, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
|
|||||
| CVE-2005-0681 | 1 Nokia | 1 Series | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname.
|
|||||
| CVE-2005-0834 | 1 Belkin | 1 Belkin 54g Wireless Router | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Belkin 54G (F5D7130) wireless router enables SNMP by default in a manner that allows remote attackers to obtain sensitive information.
|
|||||
| CVE-2004-1175 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 7.5 HIGH | N/A |
|
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
|
|||||
| CVE-2006-3020 | 1 Planete Afrique | 1 Ws-album | 2025-04-03 | 6.8 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in FullPhoto.asp in WS-Album 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) image and (2) PublisedDate parameters.
|
|||||
| CVE-2003-0363 | 1 Licq | 1 Licq | 2025-04-03 | 7.5 HIGH | N/A |
|
Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers.
|
|||||
| CVE-2006-0185 | 1 Php-nuke | 2 News Module, Pool Module | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple cross-site scripting vulnerabilities in the (1) Pool or (2) News Modules in Php-Nuke allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.
|
|||||
| CVE-2006-3739 | 2 X.org, Xfree86 Project | 2 X.org, Xfree86 X | 2025-04-03 | 7.2 HIGH | N/A |
|
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
|
|||||