Total: 29551 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-1332 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | 6.4 MEDIUM | N/A |
Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message. | |||||
CVE-2000-1244 | 1 Broadcom | 1 Inoculateit Agent For Exchange | 2025-04-03 | 7.5 HIGH | N/A |
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection. | |||||
CVE-1999-0408 | 1 Sun | 1 Cobalt Raq | 2025-04-03 | 10.0 HIGH | N/A |
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. | |||||
CVE-2002-0846 | 1 Macromedia | 1 Shockwave Flash | 2025-04-03 | 7.5 HIGH | N/A |
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length. | |||||
CVE-2002-0538 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. | |||||
CVE-2002-2209 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2025-04-03 | 10.0 HIGH | N/A |
Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors. | |||||
CVE-2004-1334 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2025-04-03 | 2.1 LOW | N/A |
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. | |||||
CVE-1999-1260 | 1 Hughes | 1 Msql | 2025-04-03 | 7.5 HIGH | N/A |
mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query. | |||||
CVE-2005-1080 | 1 Sun | 1 Sdk | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. | |||||
CVE-2004-2609 | 1 Symantec | 1 Powerquest Deploycenter | 2025-04-03 | 2.1 LOW | N/A |
The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer overflow. | |||||
CVE-2005-3589 | 1 Filezilla | 1 Filezilla Server Terminal | 2025-04-03 | 7.8 HIGH | N/A |
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command. | |||||
CVE-2003-0100 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. | |||||
CVE-2000-1114 | 1 Unify | 1 Ewave Servletexec | 2025-04-03 | 5.0 MEDIUM | N/A |
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20". | |||||
CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | 10.0 HIGH | N/A |
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | |||||
CVE-1999-0127 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. | |||||
CVE-2001-1568 | 1 Cmg | 1 Wap Gateway | 2025-04-03 | 6.4 MEDIUM | N/A |
CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack. | |||||
CVE-2006-2264 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2025-04-03 | 6.5 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2005-0099 | 1 Abuse | 1 Abuse-sdl | 2025-04-03 | 2.1 LOW | N/A |
The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating certain files, which allows local users to create or overwrite arbitrary files. | |||||
CVE-2003-0641 | 1 Watchguard | 1 Serverlock | 2025-04-03 | 4.6 MEDIUM | N/A |
WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local users to load arbitrary modules via the OpenProcess() function, as demonstrated using (1) a DLL injection attack, (2) ZwSetSystemInformation, and (3) API hooking in OpenProcess. | |||||
CVE-2006-4284 | 1 Lblog | 1 Lblog | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in comments.asp in LBlog 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. |