Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1636 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 4.6 MEDIUM | N/A |
| mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents. | |||||
| CVE-2002-1644 | 1 Ssh | 1 Ssh2 | 2025-04-03 | 7.2 HIGH | N/A |
| SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges. | |||||
| CVE-2006-1441 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding. | |||||
| CVE-2005-4687 | 2 F-art Agency, Punbb | 2 Blog Cms, Punbb | 2025-04-03 | 5.0 MEDIUM | N/A |
| PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header. | |||||
| CVE-2005-2342 | 1 Rim | 2 Blackberry Enterprise Server, Blackberry Router | 2025-04-03 | 7.8 HIGH | N/A |
| Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets. | |||||
| CVE-2006-1375 | 1 Brain Book Software | 1 Adman | 2025-04-03 | 5.0 MEDIUM | N/A |
| AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php. | |||||
| CVE-2006-0746 | 1 Xpdf | 1 Xpdf | 2025-04-03 | 7.5 HIGH | N/A |
| Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627. | |||||
| CVE-2003-0768 | 1 Microsoft | 1 Asp.net | 2025-04-03 | 6.8 MEDIUM | N/A |
| Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name. | |||||
| CVE-2001-0028 | 1 Igor Khasilev | 1 Oops Proxy Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters. | |||||
| CVE-2005-2649 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php. | |||||
| CVE-2003-1018 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors. | |||||
| CVE-2000-0066 | 1 Oreilly | 1 Website Professional | 2025-04-03 | 5.0 MEDIUM | N/A |
| WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. | |||||
| CVE-2006-3766 | 1 Darrens 5-dollar Script Archive | 1 Osdate | 2025-04-03 | 5.0 MEDIUM | N/A |
| Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10. | |||||
| CVE-2004-2577 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 5.0 MEDIUM | N/A |
| The acl_check function in phpGroupWare 0.9.16RC2 always returns True, even when mkdir does not behave as expected, which could allow remote attackers to obtain sensitive information via WebDAV from users' home directories that lack .htaccess files, and possibly has other unknown impacts. | |||||
| CVE-2006-4282 | 1 Mamboxchange | 1 Mambowiki | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. | |||||
| CVE-2005-0071 | 1 Vdr | 1 Vdr | 2025-04-03 | 5.0 MEDIUM | N/A |
| vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files. | |||||
| CVE-2001-1259 | 1 Avaya | 1 Argent Office | 2025-04-03 | 5.0 MEDIUM | N/A |
| Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | |||||
| CVE-2006-4652 | 2 Amazing Little Picture Poll, Amazing Little Poll | 2 Amazing Little Picture Poll, Amazing Little Poll | 2025-04-03 | 7.5 HIGH | N/A |
| (1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php. | |||||
| CVE-2006-3081 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 4.0 MEDIUM | N/A |
| mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function. | |||||
| CVE-2004-1434 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed SNMP packets. | |||||