Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29802 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0528 2025-04-03 7.5 HIGH N/A
A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.
CVE-2001-0820 1 Gaztek 1 Ghttp 2025-04-03 7.5 HIGH N/A
Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c.
CVE-2003-0357 1 Ethereal Group 1 Ethereal 2025-04-03 7.5 HIGH N/A
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
CVE-2005-1636 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-03 4.6 MEDIUM N/A
mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
CVE-2002-1644 1 Ssh 1 Ssh2 2025-04-03 7.2 HIGH N/A
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.
CVE-2006-1441 1 Apple 1 Mac Os X 2025-04-03 7.5 HIGH N/A
Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding.
CVE-2005-4687 2 F-art Agency, Punbb 2 Blog Cms, Punbb 2025-04-03 5.0 MEDIUM N/A
PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header.
CVE-2005-2342 1 Rim 2 Blackberry Enterprise Server, Blackberry Router 2025-04-03 7.8 HIGH N/A
Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.
CVE-2006-1375 1 Brain Book Software 1 Adman 2025-04-03 5.0 MEDIUM N/A
AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
CVE-2006-0746 1 Xpdf 1 Xpdf 2025-04-03 7.5 HIGH N/A
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.
CVE-2003-0768 1 Microsoft 1 Asp.net 2025-04-03 6.8 MEDIUM N/A
Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.
CVE-2001-0028 1 Igor Khasilev 1 Oops Proxy Server 2025-04-03 10.0 HIGH N/A
Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters.
CVE-2005-2649 1 Adaptive Technology Resource Centre 1 Atutor 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
CVE-2003-1018 1 Ibm 1 Aix 2025-04-03 7.2 HIGH N/A
Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors.
CVE-2000-0066 1 Oreilly 1 Website Professional 2025-04-03 5.0 MEDIUM N/A
WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request.
CVE-2006-3766 1 Darrens 5-dollar Script Archive 1 Osdate 2025-04-03 5.0 MEDIUM N/A
Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10.
CVE-2004-2577 1 Phpgroupware 1 Phpgroupware 2025-04-03 5.0 MEDIUM N/A
The acl_check function in phpGroupWare 0.9.16RC2 always returns True, even when mkdir does not behave as expected, which could allow remote attackers to obtain sensitive information via WebDAV from users' home directories that lack .htaccess files, and possibly has other unknown impacts.
CVE-2006-4282 1 Mamboxchange 1 Mambowiki 2025-04-03 7.5 HIGH N/A
PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
CVE-2005-0071 1 Vdr 1 Vdr 2025-04-03 5.0 MEDIUM N/A
vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files.
CVE-2001-1259 1 Avaya 1 Argent Office 2025-04-03 5.0 MEDIUM N/A
Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload.