Total
29804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1236 | 1 Crossfire | 1 Crossfire | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010. | |||||
| CVE-2001-1358 | 1 Phpheaven | 1 Phpmychat | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. | |||||
| CVE-2005-1724 | 1 Apple | 1 Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows remote attackers to bypass intended access restrictions. | |||||
| CVE-2005-0984 | 1 Lucasarts | 1 Star Wars Jedi Knight Jedi Academy | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the G_Printf function in Star Wars Jedi Knight: Jedi Academy 1.011 and earlier allows remote attackers to execute arbitrary code via a long message using commands such as (1) say and (2) tell. | |||||
| CVE-2006-4305 | 2 Mysql, Sap-db | 2 Maxdb, Sap-db | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client. | |||||
| CVE-2004-2362 | 1 Phpx | 1 Phpx | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHPX 3.2.6 and earlier allows remote attackers to obtain the physical path of PHPX via a null or invalid value in the limit parameter, which leaks the pathname in a database error message, as demonstrated using forums.php. | |||||
| CVE-2004-2332 | 1 Cpan | 1 Www Form | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CPAN WWW::Form before 1.13 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2006-0383 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions". | |||||
| CVE-1999-1398 | 1 Sgi | 1 Irix | 2025-04-03 | 6.2 MEDIUM | N/A |
| Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. | |||||
| CVE-2006-3221 | 1 Softnews Media Group | 1 Datalife Engine | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in DataLife Engine 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded values in the user parameter in a userinfo subaction. | |||||
| CVE-2005-3696 | 1 Arki-db | 1 Arki-db | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php. | |||||
| CVE-2006-0516 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
| Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors. | |||||
| CVE-2004-0122 | 1 Microsoft | 1 Msn Messenger | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files. | |||||
| CVE-2006-4429 | 1 Phlymail | 1 Phlymail Lite | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in handlers/email/mod.output.php in PHlyMail Lite 3.4.4 and earlier (Build 3.04.04) allows remote attackers to execute arbitrary PHP code via a URL in the _PM_[path][handler] parameter, a different vector than CVE-2006-4291. NOTE: This issue has been disputed by a third party, who states that the _IN_PHM_ declaration prevents this file from being called directly | |||||
| CVE-2006-3624 | 1 Flv | 1 Flv Player | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 allow remote attackers to inject arbitrary web script or HTML via the url parameter to (1) player.php or (2) popup.php. | |||||
| CVE-2005-2477 | 1 Naxtor | 1 Shopping Cart | 2025-04-03 | 5.0 MEDIUM | N/A |
| shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability. | |||||
| CVE-2006-4798 | 1 Dws Systems Inc. | 1 Sql-ledger | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history. | |||||
| CVE-2004-0261 | 1 Openjournal | 1 Openjournal | 2025-04-03 | 10.0 HIGH | N/A |
| oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers to bypass authentication and access the control panel via a 0 in the uid parameter. | |||||
| CVE-2000-1130 | 1 Network Associates | 1 Webshield Smtp | 2025-04-03 | 7.5 HIGH | N/A |
| McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment. | |||||
| CVE-2004-1096 | 10 Broadcom, Ca, Eset Software and 7 more | 22 Brightstor Arcserve Backup, Etrust Antivirus, Etrust Antivirus Gateway and 19 more | 2025-04-03 | 7.5 HIGH | N/A |
| Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||||