Total
29551 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1117 | 1 All4www | 1 All4www-homepagecreator | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in All4WWW-Homepagecreator 1.0a allows remote attackers to execute arbitrary PHP code by modifying the site parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2000-1234 | 1 Phorum | 1 Phorum | 2025-04-03 | 5.0 MEDIUM | N/A |
| violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters. | |||||
| CVE-2006-2697 | 1 Easy-content Forums | 1 Easy-content Forums | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp. | |||||
| CVE-2001-1160 | 1 Microburst | 1 Udirectory | 2025-04-03 | 7.5 HIGH | N/A |
| udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field. | |||||
| CVE-2006-0566 | 1 Communigate | 1 Communigate Pro Core Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote attackers to cause a denial of service (application crash) via LDAP messages that contain Distinguished Names (DN) fields with a large number of elements. | |||||
| CVE-1999-0724 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. | |||||
| CVE-2002-0662 | 1 Dan Mueth | 1 Scrollkeeper | 2025-04-03 | 2.1 LOW | N/A |
| scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files. | |||||
| CVE-2005-1703 | 1 Black Cactus | 1 Warrior Kings Battles | 2025-04-03 | 5.0 MEDIUM | N/A |
| Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server crash) via a partial join packet that triggers a NULL pointer dereference. | |||||
| CVE-2004-0996 | 4 Cscope, Debian, Gentoo and 1 more | 4 Cscope, Debian Linux, Linux and 1 more | 2025-04-03 | 2.1 LOW | N/A |
| main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2004-2039 | 1 E107 | 1 E107 | 2025-04-03 | 5.0 MEDIUM | N/A |
| e107 0.615 allows remote attackers to obtain sensitive information via a direct request to (1) alt_news.php, (2) backend_menu.php, (3) clock_menu.php, (4) counter_menu.php, (5) login_menu.php, and other files, which reveal the full path in a PHP error message. | |||||
| CVE-2003-0454 | 1 Joe Rumsey | 1 Xgalaga | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable. | |||||
| CVE-2004-1025 | 3 Enlightenment, Gentoo, Redhat | 3 Imlib, Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. | |||||
| CVE-2001-0801 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. | |||||
| CVE-2005-0248 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts. | |||||
| CVE-1999-0575 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking. | |||||
| CVE-2001-0618 | 1 Lucent | 1 Orinoco Rg-1000 | 2025-04-03 | 7.5 HIGH | N/A |
| Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic. | |||||
| CVE-2003-0645 | 1 Andries Brouwer | 1 Man | 2025-04-03 | 4.6 MEDIUM | N/A |
| man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges. | |||||
| CVE-2002-0175 | 1 Avaya | 1 Libsafe | 2025-04-03 | 4.6 MEDIUM | N/A |
| libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. | |||||
| CVE-2004-1382 | 1 Gnu | 1 Glibc | 2025-04-03 | 2.1 LOW | N/A |
| The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. | |||||
| CVE-2004-1497 | 1 Minihttpserver.net | 1 Web Forums Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges. | |||||