Total
29801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0161 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780. | |||||
| CVE-2003-0339 | 1 Wsmp3 | 2 Wsmp3 Daemon, Wsmp3 Web Server | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests. | |||||
| CVE-2004-2487 | 1 Nexgen | 1 Nexgen Ftp Server | 2025-04-03 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 allows remote authenticated users to read or list arbitrary files via (1) "..", (2) "\..\" (backslash dot dot), or (3) "/../" sequences in (a) RETR (get), (b) NLST (ls), (c) LIST (ls), (d) RNFR, or (e) RNTO FTP commands. | |||||
| CVE-2005-1291 | 1 Cartwiz | 1 Asp Cart | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) addToCart.asp or (2) productDetails.asp, the (3) priceFrom, (4) idCategory, or (5) priceTo parameter to searchResults.asp, or (6) the idParentCategory parameter to productCatalogSubCats.asp. | |||||
| CVE-2004-0093 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.5 HIGH | N/A |
| XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI). | |||||
| CVE-2006-0065 | 1 Vego | 1 Vego Web Forum | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in (1) functions.php, (2) functions_update.php, and (3) functions_display.php in VEGO Web Forum 1.26 and earlier allows remote attackers to execute arbitrary SQL commands via the theme_id parameter in index.php. | |||||
| CVE-2005-3131 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to blank.html, or the createdataCX parameter to (2) calendar_d.html, (3) calendar_m.html, or (4) calendar_w.html. | |||||
| CVE-2002-2211 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
| CVE-2003-0692 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | |||||
| CVE-2002-1388 | 1 Mhonarc | 1 Mhonarc | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages. | |||||
| CVE-2003-0817 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object. | |||||
| CVE-2000-0675 | 1 Infopulse | 1 Gatekeeper | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote attackers to execute arbitrary commands via a long string. | |||||
| CVE-1999-0267 | 1 Ncsa | 1 Ncsa Httpd | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution. | |||||
| CVE-1999-0664 | 2025-04-03 | 10.0 HIGH | N/A | ||
| An application-critical Windows NT registry key has inappropriate permissions. | |||||
| CVE-2005-1730 | 1 Novell | 1 Imanager | 2025-04-03 | 9.3 HIGH | N/A |
| Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112. | |||||
| CVE-2006-4088 | 1 Civicspace | 1 Civicspace | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace 0.8.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Subject, (2) Comment, and (3) Add new comment sections. | |||||
| CVE-2006-3112 | 1 Chipmailer | 1 Chipmailer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Chipmailer 1.09 allows remote attackers to obtain sensitive information via a direct request to php.php, which displays the output of the phpinfo function. | |||||
| CVE-2004-1208 | 1 21-6 Productions | 1 Orbz | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long password field in a join request. | |||||
| CVE-2003-1005 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. | |||||
| CVE-2006-1032 | 1 Phprpc | 1 Phprpc | 2025-04-03 | 7.5 HIGH | N/A |
| Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag. | |||||