Total
29801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0324 | 1 Webspot | 1 Webspotblogging | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter to login.php. | |||||
| CVE-2005-4701 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
| Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx. | |||||
| CVE-2005-3092 | 1 Image-line Software | 1 Fl Studio | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 allows remote attackers to execute arbitrary code via a .flp file that contains a long path to a (1) .mid or (2) .wav file. | |||||
| CVE-2005-0483 | 1 Glftpd | 1 Glftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1) determine the existence of arbitrary files, (2) list files in restricted directories, or (3) read arbitrary files from within ZIP or gzip files, via .. (dot dot) sequences and globbing ("*") characters in a SITE NFO command. | |||||
| CVE-2006-0415 | 1 Sleeperchat | 1 Sleeperchat | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in SleeperChat 0.3f and earlier allows remote attackers to inject arbitrary web script or HTML via the pseudo parameter. | |||||
| CVE-2006-4974 | 1 Ipswitch | 1 Ws Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command. | |||||
| CVE-2004-1752 | 1 Nakedsoft | 1 Gaucho | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header. | |||||
| CVE-2004-0899 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote attackers to cause a denial of service (application crash) via a malformed DHCP message, aka "Logging Vulnerability." | |||||
| CVE-2004-1691 | 1 Rhinosoft | 1 Dns4me | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data. | |||||
| CVE-2004-0950 | 1 Danware Data | 1 Netop | 2025-04-03 | 5.0 MEDIUM | N/A |
| NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username and local IP address information via (1) a NetOp HELO request, or (2) when responses are disabled, a "custom" HELO request. | |||||
| CVE-2002-0287 | 1 Powie | 1 Pforum | 2025-04-03 | 10.0 HIGH | N/A |
| pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default. | |||||
| CVE-2005-3999 | 1 Sitebeater | 1 Sitebeater Mp3 Catalog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater MP3 Catalog 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
| CVE-2004-1135 | 1 Ipswitch | 1 Ws Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands. | |||||
| CVE-2004-0136 | 1 Sgi | 1 Irix | 2025-04-03 | 2.1 LOW | N/A |
| The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary." | |||||
| CVE-2004-1610 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2025-04-03 | 7.5 HIGH | N/A |
| SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables. | |||||
| CVE-2005-3560 | 1 Zonelabs | 4 Zonealarm, Zonealarm Anti-spyware, Zonealarm Antivirus and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags. | |||||
| CVE-2000-0644 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing. | |||||
| CVE-2004-2278 | 1 Chaogic Systems | 1 Vhost | 2025-04-03 | 4.3 MEDIUM | N/A |
| Unknown cross-site scripting (XSS) vulnerability in the web GUI in vHost before 3.10r1 has unknown impact and attack vectors. | |||||
| CVE-2001-0004 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability. | |||||
| CVE-2005-4218 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows remote attackers to execute arbitrary SQL commands via the msg parameter, a different vulnerability than CVE-2005-3585. | |||||