Total
29869 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0051 | 3 Globetrotter, Sgi, Sun | 5 Flexlm, Irix, License Oeo and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
|
|||||
| CVE-2005-3495 | 1 Ar-blog | 1 Ar-blog | 2025-04-03 | 7.5 HIGH | N/A |
|
Ar-blog 5.2 and earlier allows remote attackers to bypass authentication by modifying cookies.
|
|||||
| CVE-2001-0783 | 1 Cisco | 1 Tftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command.
|
|||||
| CVE-2004-1472 | 1 Symantec | 10 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r and 7 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
|
|||||
| CVE-2001-1340 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Telnetd Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Beck GmbH IPC@Chip TelnetD service supports only one connection and does not disconnect a user who does not complete the login process, which allows remote attackers to lock out the administrator account by connecting to the service.
|
|||||
| CVE-2001-0574 | 1 Jason Rahaim | 1 Mp3mystic | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a '..' (dot dot) in the URL.
|
|||||
| CVE-2006-3164 | 1 Tpl Design | 1 Tplshop | 2025-04-03 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in category.php in TPL Design tplShop 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the first_row parameter.
|
|||||
| CVE-2004-2513 | 1 Pmail | 1 Pegasus | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.
|
|||||
| CVE-2001-0125 | 3 Debian, Exmh, Mandrakesoft | 4 Debian Linux, Exmh, Mandrake Linux and 1 more | 2025-04-03 | 1.2 LOW | N/A |
|
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
|
|||||
| CVE-2005-0513 | 1 Pmachine | 1 Pmachine Pro | 2025-04-03 | 7.5 HIGH | N/A |
|
PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote attackers to execute arbitrary PHP code by directly requesting mail_autocheck.php and modifying the pm_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2003-1086.
|
|||||
| CVE-2001-0475 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 7.5 HIGH | N/A |
|
index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special characters in the templatecache parameter.
|
|||||
| CVE-2003-0493 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-03 | 10.0 HIGH | N/A |
|
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.
|
|||||
| CVE-2006-2675 | 1 Ubbcentral | 1 Ubb.threads | 2025-04-03 | 5.1 MEDIUM | N/A |
|
PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters.
|
|||||
| CVE-2000-1047 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.
|
|||||
| CVE-2004-1499 | 1 Webhost Automation | 1 Helm Control Panel | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field.
|
|||||
| CVE-2004-1232 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename.
|
|||||
| CVE-2001-0325 | 1 Qnx | 1 Rtp | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command.
|
|||||
| CVE-2002-1448 | 1 Avaya | 3 Cajun M770-atm, Cajun P130, Cajun P330 | 2025-04-03 | 7.5 HIGH | N/A |
|
An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges.
|
|||||
| CVE-2004-1134 | 1 Microsoft | 1 W3who.dll | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
|
|||||
| CVE-2002-2223 | 1 Juniper | 2 Netscreen Remote Security Client, Netscreen Remote Vpn Client | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload.
|
|||||
| CVE-2004-0969 | 3 Gentoo, Gnu, Ubuntu | 3 Linux, Groff, Ubuntu Linux | 2025-04-03 | 2.1 LOW | N/A |
|
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
|
|||||
| CVE-2005-0258 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0.11, and possibly other versions, with gallery avatars enabled, allows remote attackers to delete (unlink) arbitrary files via "/../" sequences in the avatarselect parameter.
|
|||||
| CVE-2006-1008 | 1 Nathan Landry | 1 N8cms Sitesuite Cms | 2025-04-03 | 5.8 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) dir and (2) page_id parameter to (a) index.php and (3) userid parameter to (b) mailto.php. NOTE: it is possible that issues 1 and 2 are resultant from SQL injection.
|
|||||
| CVE-2004-2536 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
|
The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access the per-TSS pointers, access restricted memory locations, and possibly gain privileges.
|
|||||
| CVE-2002-0703 | 1 Gisle Aas | 1 Digest-md5 | 2025-04-03 | 7.5 HIGH | N/A |
|
An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data.
|
|||||
| CVE-2005-0579 | 1 Freenx | 1 Freenx | 2025-04-03 | 4.6 MEDIUM | N/A |
|
nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X server without X authentication.
|
|||||
| CVE-1999-0599 | 2025-04-03 | 10.0 HIGH | N/A | ||
|
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.
|
|||||
| CVE-2006-1452 | 1 Apple | 1 Mac Os X | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy.
|
|||||
| CVE-2006-1927 | 1 Cisco | 1 Ios Xr | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco bug ID CSCsc77475.
|
|||||
| CVE-2006-1494 | 1 Php | 1 Php | 2025-04-03 | 2.6 LOW | N/A |
|
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.
|
|||||
| CVE-2005-4317 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | 6.8 MEDIUM | N/A |
|
Limbo CMS 1.0.4.2 and earlier, with register_globals off, does not protect the $_SERVER variable from external modification, which allows remote attackers to use the _SERVER[REMOTE_ADDR] parameter to (1) conduct cross-site scripting (XSS) attacks in the stats module or (2) execute arbitrary code via an eval injection attack in the wrapper option in index2.php.
|
|||||
| CVE-2000-1236 | 1 Oracle | 1 Application Server | 2025-04-03 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.
|
|||||
| CVE-2003-0963 | 1 Alexander V. Lukyanov | 1 Lftp | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
|
|||||
| CVE-2002-0586 | 1 Aol | 1 Aol Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters.
|
|||||
| CVE-2005-3123 | 1 Gnu | 1 Gnump3d | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
|
|||||
| CVE-2000-0991 | 1 Hilgraeve | 1 Hyperterminal | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ME, and 2000 allows remote attackers to execute arbitrary commands via a long telnet URL, aka the "HyperTerminal Buffer Overflow" vulnerability.
|
|||||
| CVE-2002-1821 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to (1) admin_members.php, (2) admin_config.php, (3) admin_cat.php, or (4) admin_forum.php.
|
|||||
| CVE-2001-0165 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument.
|
|||||
| CVE-2005-2486 | 1 Portailphp | 1 Portailphp | 2025-04-03 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701.
|
|||||
| CVE-2006-4664 | 1 Premod Shadow | 1 Premod Shadow | 2025-04-03 | 5.1 MEDIUM | N/A |
|
PHP remote file inclusion vulnerability in includes/functions_portal.php in Premod Shadow 2.7.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
|
|||||