Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3908 | 1 Gillius Programming | 1 Game Networking Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the flush_output function in ConsoleStreambuf.cpp in Game Network Engine (GNE) 0.70 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console. | |||||
| CVE-2005-0558 | 1 Microsoft | 1 Word | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document. | |||||
| CVE-2005-4518 | 1 Mantis | 1 Mantis | 2025-04-03 | 7.5 HIGH | N/A |
| Mantis before 0.19.4 allows remote attackers to bypass the file upload size restriction by modifying the max_file_size parameter to (1) bug_file_add.php, (2) bug_report.php, (3) bug_report_advanced_page.php, and (4) proj_doc_add_page.php. | |||||
| CVE-2002-1527 | 1 Emumail | 1 Emu Webmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message. | |||||
| CVE-2003-1338 | 1 Aprelium Technologies | 1 Abyss Web Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header. | |||||
| CVE-2002-1724 | 1 Onlinetools.org | 1 Phpimageview | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter. | |||||
| CVE-2004-1581 | 1 Blackboard | 1 Blackboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message. | |||||
| CVE-2006-0754 | 1 Dotproject | 1 Dotproject | 2025-04-03 | 5.0 MEDIUM | N/A |
| dotProject 2.0.1 and earlier allows remote attackers to obtain sensitive information via direct requests with an invalid baseDir to certain PHP scripts in the db directory, which reveal the path in an error message. NOTE: the vendor disputes this issue, saying that it could only occur if the administrator ignores the installation instructions as well as warnings generated by check.php | |||||
| CVE-2006-1332 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | 6.4 MEDIUM | N/A |
| Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message. | |||||
| CVE-2000-1244 | 1 Broadcom | 1 Inoculateit Agent For Exchange | 2025-04-03 | 7.5 HIGH | N/A |
| Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection. | |||||
| CVE-1999-0408 | 1 Sun | 1 Cobalt Raq | 2025-04-03 | 10.0 HIGH | N/A |
| Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. | |||||
| CVE-2002-0846 | 1 Macromedia | 1 Shockwave Flash | 2025-04-03 | 7.5 HIGH | N/A |
| The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length. | |||||
| CVE-2002-0538 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. | |||||
| CVE-2002-2209 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors. | |||||
| CVE-2004-1334 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2025-04-03 | 2.1 LOW | N/A |
| Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. | |||||
| CVE-1999-1260 | 1 Hughes | 1 Msql | 2025-04-03 | 7.5 HIGH | N/A |
| mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query. | |||||
| CVE-2005-1080 | 1 Sun | 1 Sdk | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. | |||||
| CVE-2004-2609 | 1 Symantec | 1 Powerquest Deploycenter | 2025-04-03 | 2.1 LOW | N/A |
| The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer overflow. | |||||
| CVE-2005-3589 | 1 Filezilla | 1 Filezilla Server Terminal | 2025-04-03 | 7.8 HIGH | N/A |
| Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command. | |||||
| CVE-2003-0100 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. | |||||