Total: 29557 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0631 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command. | |||||
CVE-2006-2027 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2025-04-03 | 6.5 MEDIUM | N/A |
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue. | |||||
CVE-2001-0348 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace. | |||||
CVE-2002-0164 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2025-04-03 | 4.6 MEDIUM | N/A |
Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges. | |||||
CVE-2005-3894 | 1 Otrs | 1 Otrs | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) hex-encoded values in the QueueID parameter and (2) Action parameters. | |||||
CVE-1999-1460 | 1 Bmc | 1 Patrol Agent | 2025-04-03 | 7.2 HIGH | N/A |
BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program. | |||||
CVE-1999-0731 | 1 Caldera | 1 Openlinux | 2025-04-03 | 4.6 MEDIUM | N/A |
The KDE klock program allows local users to unlock a session using malformed input. | |||||
CVE-2001-0393 | 1 Navision | 1 Financials Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Navision Financials Server 2.0 allows remote attackers to cause a denial of service via a series of connections to the server without providing a username/password combination, which consumes the license limits. | |||||
CVE-2004-2166 | 1 Canon | 2 Imagerunner 5000i, Imagerunner C3200 | 2025-04-03 | 7.5 HIGH | N/A |
The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. | |||||
CVE-2001-0743 | 1 Oreilly | 1 Webboard | 2025-04-03 | 5.0 MEDIUM | N/A |
Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands. | |||||
CVE-2005-1582 | 1 1two | 1 1two News | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) nom, (2) email, (3) siteweb, or (4) commentaire variables. | |||||
CVE-2003-1146 | 1 John Beatty | 1 Easy Php Photo Album | 2025-04-03 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | |||||
CVE-2005-1747 | 2 Bea, Oracle | 2 Weblogic Server, Weblogic Portal | 2025-04-03 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 6, allow remote attackers to inject arbitrary web script or HTML, and possibly gain administrative privileges, via the (1) j_username or (2) j_password parameters in the login page (LoginForm.jsp), (3) parameters to the error page in the Administration Console, (4) unknown vectors in the Server Console while the administrator has an active session to obtain the ADMINCONSOLESESSION cookie, or (5) an alternate vector in the Server Console that does not require an active session but also leaks the username and password. | |||||
CVE-2004-0053 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2025-04-03 | 7.5 HIGH | N/A |
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients. | |||||
CVE-2000-0346 | 1 Apple | 1 Appleshare | 2025-04-03 | 5.0 MEDIUM | N/A |
AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. | |||||
CVE-2006-0167 | 1 Myphpim | 1 Myphpim | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter in calendar.php3 and the (2) password field on the login page. | |||||
CVE-1999-1211 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges. | |||||
CVE-1999-0005 | 2 Netscape, University Of Washington | 2 Messaging Server, Imap | 2025-04-03 | 10.0 HIGH | N/A |
Arbitrary command execution via IMAP buffer overflow in authenticate command. | |||||
CVE-2005-1012 | 1 Iatek | 1 Siteenable | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via (1) the contenttype parameter to content.asp, (2) the title, or (3) the description. | |||||
CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2025-04-03 | 10.0 HIGH | N/A |
time server daemon timed allows remote attackers to cause a denial of service via malformed packets. |