Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1457 | 1 Leszek Krupinski | 1 L-forum | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter. | |||||
| CVE-2006-1255 | 1 Mercur | 1 Mercur Messaging | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177. | |||||
| CVE-2004-1636 | 1 Net Integration Technologies Inc. | 1 Wvtftp | 2025-04-03 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet. | |||||
| CVE-2005-4652 | 1 Phlymail | 1 Phlymail | 2025-04-03 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in PHlyMail 3.02.01 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | |||||
| CVE-2005-2369 | 1 Ekg | 1 Ekg | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2005-2111 | 1 Community Link Pro Web Editor | 1 Community Link Pro Web Editor | 2025-04-03 | 7.5 HIGH | N/A |
| login.cgi in Community Link Pro Web Editor allows remote attackers to execute arbitrary commands via the file parameter. | |||||
| CVE-2001-0598 | 1 Symantec | 1 Norton Ghost | 2025-04-03 | 5.0 MEDIUM | N/A |
| Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled. | |||||
| CVE-2002-0599 | 1 Blahz-dns | 1 Blahz-dns | 2025-04-03 | 10.0 HIGH | N/A |
| Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen. | |||||
| CVE-2006-2029 | 1 Simplog | 1 Simplog | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter in (a) preview.php; the (2) cid, (3) pid, and (4) eid parameters in (b) archive.php; and the (5) pid parameter in (c) comments.php. | |||||
| CVE-1999-0555 | 2025-04-03 | 10.0 HIGH | N/A | ||
| A Unix account with a name other than "root" has UID 0, i.e. root privileges. | |||||
| CVE-2001-1184 | 1 Denicomp | 1 Winsock Rshd Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that port and all ports below 1024, and (2) in 2.21.00, a port number of 1024. | |||||
| CVE-2001-0940 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. | |||||
| CVE-2005-3621 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts. | |||||
| CVE-2000-0287 | 1 Cnc | 1 Technology Bizdb | 2025-04-03 | 10.0 HIGH | N/A |
| The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter. | |||||
| CVE-2001-0506 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability. | |||||
| CVE-2006-1571 | 1 R2xdesign | 1 Qlitenews | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in loginprocess.php in qliteNews 2005.07.01 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. | |||||
| CVE-2001-1360 | 1 Mostang | 1 Sane | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | |||||
| CVE-2006-4076 | 1 Wim Fleischhauer | 1 Docpile We | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer docpile: wim's edition (docpile:we) 0.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the INIT_PATH parameter to (1) lib/access.inc.php, (2) lib/folders.inc.php, (3) lib/init.inc.php or (4) lib/templates.inc.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2005-4724 | 1 Phptagcool | 1 Phptagcool | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field in an HTTP header. | |||||
| CVE-2005-2186 | 1 Mcafee | 1 Intrushield Security Management System | 2025-04-03 | 1.9 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName or (2) resourceName parameter to SystemEvent.jsp. | |||||