Total
29550 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0424 | 1 George Burgyan | 1 Cgi Counter | 2025-04-03 | 7.5 HIGH | N/A |
| The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2006-4986 | 1 Grayscale | 1 Bandsite Cms | 2025-04-03 | 5.0 MEDIUM | N/A |
| Grayscale BandSite CMS allows remote attackers to obtain sensitive information via a direct request for (1) certain files in the includes/content directory, (2) includes/shows_preview.php, and (3) adminpanel/configform.php; and files in adminpanel/includes/ including (4) mailinglist/disphtmltbl.php, (5) mailinglist/dispxls.php, (6) mailinglist/sendshows.php, (7) previews/preview_bio.php, (8) previews/preview_genmerch.php, (9) previews/preview_fliers.php, (10) previews/preview_gbook.php, (11) previews/preview_interviews.php, (12) previews/preview_links.php, (13) previews/preview_lyrics.php, (14) previews/preview_membio.php, (15) previews/preview_merchphotos.php, (16) previews/preview_mp3s.php, (17) previews/preview_news.php, (18) previews/preview_photos.php, (19) previews/preview_releases.php, (20) previews/preview_relmerch.php, (21) previews/preview_relphotos.php, (22) previews/preview_reviews.php, (23) previews/preview_shows.php, (24) previews/preview_wearmerch.php, (25) change_forms/change_bio.php, (26) change_forms/change_fliers.php, (27) change_forms/change_gbook.php, (28) change_forms/change_gen_merch.php, (29) change_forms/change_interview.php, (30) change_forms/change_links.php, (31) change_forms/change_lyrics.php, (32) change_forms/change_members.php, (33) change_forms/change_merch.php, (34) change_forms/change_merch_pic.php, (35) change_forms/change_mp3s.php, (36) change_forms/change_news.php, (37) change_forms/change_photos.php, (38) change_forms/change_rel_merch.php, (39) change_forms/change_rel_pic.php, (40) change_forms/change_releases.php, (41) change_forms/change_reviews.php, (42) change_forms/change_shows.php, and (43) change_forms/change_wear_merch.php, which reveals the path in various error messages. | |||||
| CVE-2002-0527 | 1 Watchguard | 1 Soho Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
| Watchguard SOHO firewall before 5.0.35 allows remote attackers to cause a denial of service (crash and reboot) when SOHO forwards a packet with bad IP options. | |||||
| CVE-1999-0734 | 1 Cisco | 1 Ciscosecure | 2025-04-03 | 7.5 HIGH | N/A |
| A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. | |||||
| CVE-2001-0734 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
| Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine. | |||||
| CVE-2006-3325 | 1 Id Software | 1 Quake 3 Engine | 2025-04-03 | 5.0 MEDIUM | N/A |
| client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the Icculus Quake 3 Engine (ioquake3) revision 810 and earlier allows remote malicious servers to overwrite arbitrary write-protected cvars variables on the client, such as cl_allowdownload for Automatic Downloading and fs_homepath for the quake3 path, via a string of cvar names and values sent from the server. NOTE: this can be combined with another vulnerability to overwrite arbitrary files. | |||||
| CVE-2006-1523 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 10.0 HIGH | N/A |
| The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON. | |||||
| CVE-2006-4641 | 1 Muratsoft | 1 Haber Portal | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal 3.6 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | |||||
| CVE-2006-2182 | 1 Albinator | 1 Albinator | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, (2) eshow.php, or (3) forgot.php in albinator 2.0.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the Config_rootdir parameter. | |||||
| CVE-2004-2295 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter. | |||||
| CVE-2006-0541 | 1 Tachyon | 1 Vanilla Guestbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "posting new messages." | |||||
| CVE-2004-1269 | 2 Easy Software Products, Redhat | 2 Cups, Fedora Core | 2025-04-03 | 5.0 MEDIUM | N/A |
| lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. | |||||
| CVE-2005-3425 | 1 Gnu | 1 Gnump3d | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424. | |||||
| CVE-2005-1508 | 1 Pwsphp | 1 Pwsphp | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) month or (2) annee parameters to the news module, (3) nbractif or (4) annee parameters to the stats module, (5) id parameter to profil.php, (6) mb_lettre or (7) lettre parameter to memberlist.php, or (8) chaine_search, or (9) auteur_search parameter to the recherche module. | |||||
| CVE-2006-2952 | 1 Net Portal Dynamic System | 1 Net Portal Dynamic System | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) Default_Theme parameter to header.php or (2) ModPath parameter to modules/cluster-paradise/cluster-E.php. | |||||
| CVE-2001-1333 | 1 Easy Software Products | 1 Cups | 2025-04-03 | 1.2 LOW | N/A |
| Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files. | |||||
| CVE-2002-1290 | 1 Microsoft | 1 Java Virtual Machine | 2025-04-03 | 6.4 MEDIUM | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) ClipBoardSetText methods of the INativeServices class. | |||||
| CVE-2003-0854 | 2 Gnu, Washington University | 2 Fileutils, Wu-ftpd | 2025-04-03 | 2.1 LOW | N/A |
| ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | |||||
| CVE-2003-0349 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll. | |||||
| CVE-2004-2304 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | |||||