Total
29800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4234 | 1 Powerdev | 1 Encapsgallery | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in EncapsGallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-1581 | 1 Blanknberg | 1 Blanknberg | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the _path parameter. | |||||
| CVE-2005-4039 | 1 Web4future | 1 Portal Solutions | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter. | |||||
| CVE-2003-0505 | 1 Microsoft | 1 Netmeeting | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "..\.." (dot dot) sequences in a file transfer request. | |||||
| CVE-2004-0587 | 3 Mandrakesoft, Redhat, Suse | 4 Mandrake Linux, Mandrake Linux Corporate Server, Fedora Core and 1 more | 2025-04-03 | 2.1 LOW | N/A |
| Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. | |||||
| CVE-2005-2372 | 1 Oracle | 1 Forms | 2025-04-03 | 7.2 HIGH | N/A |
| Oracle Forms 4.5 through 10g starts form executables from arbitrary directories and executes them as the Oracle or System user, which allows attackers to execute arbitrary code by uploading a malicious .fmx file and referencing it using an absolute pathname argument in the (1) form or (2) module parameters to f90servlet. | |||||
| CVE-2002-0357 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges. | |||||
| CVE-2001-0552 | 2 Hp, Ibm | 2 Openview Network Node Manager, Tivoli Netview | 2025-04-03 | 10.0 HIGH | N/A |
| ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message. | |||||
| CVE-2006-1431 | 1 Fusionzone | 1 Couponzone | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE couponZONE 4.2 allows remote attackers to inject arbitrary web script or HTML via URL-encoded (1) srchfor and (2) srchby parameters. | |||||
| CVE-2006-4044 | 1 Brad Fears | 1 Phpcodecabinet | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad Fears phpCodeCabinet 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the BEAUT_PATH parameter. | |||||
| CVE-2006-3108 | 1 Emailarchitect | 1 Email Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EmailArchitect Email Server 6.1 allows remote attackers to inject arbitrary Javascript via an HTML div tag with a carriage return between the onmouseover attribute and its value, which bypasses the mail filter. | |||||
| CVE-2006-2878 | 1 Andreas Gohr | 1 Dokuwiki | 2025-04-03 | 7.5 HIGH | N/A |
| The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with the /e (executable) modifier. | |||||
| CVE-2004-0202 | 1 Microsoft | 7 Directx, Windows 2000, Windows 2003 Server and 4 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2003-0092 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable. | |||||
| CVE-2001-1065 | 1 Cisco | 1 Cbos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. | |||||
| CVE-2000-0852 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain root privileges. | |||||
| CVE-2005-2570 | 1 Funkboard | 1 Funkboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| FunkBoard 0.66CF, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to forums.php, which reveals the path in an error message. | |||||
| CVE-2005-3019 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in vBulletin before 3.0.9 allow remote attackers to execute arbitrary SQL commands via the (1) request parameter to joinrequests.php, (2) limitnumber or (3) limitstart to user.php, (4) usertitle.php, or (5) usertools.php. | |||||
| CVE-1999-0739 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
| CVE-2006-0786 | 1 Phpkit | 1 Phpkit | 2025-04-03 | 5.1 MEDIUM | N/A |
| Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier, with allow_url_fopen enabled, allows remote attackers to conduct PHP remote file include attacks via a path parameter that specifies a (1) UNC share or (2) ftps URL, which bypasses the check for "http://", "ftp://", and "https://" URLs. | |||||