Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2680 | 1 Apache | 1 Mod Python | 2025-04-03 | 5.0 MEDIUM | N/A |
| mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory. | |||||
| CVE-2006-2875 | 1 Id Software | 1 Quake 3 Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion. | |||||
| CVE-2006-2321 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2207. | |||||
| CVE-2006-3160 | 1 Onedotoh | 1 Simple File Manager | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-1999-1353 | 1 Nosque | 1 Msgcore | 2025-04-03 | 4.6 MEDIUM | N/A |
| Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which could allow local users to gain privileges. | |||||
| CVE-1999-0495 | 2025-04-03 | 10.0 HIGH | N/A | ||
| A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. | |||||
| CVE-2006-0995 | 1 Emc Dantz | 1 Retrospect | 2025-04-03 | 5.0 MEDIUM | N/A |
| EMC Dantz Retrospect 7 backup client 7.0.107, and other versions before 7.0.109, and 6.5 before 6.5.138 allows remote attackers to cause a denial of service (client termination and loss of backup service) via a malformed packet to TCP port 497, which triggers an assert error. | |||||
| CVE-2004-2022 | 1 Activestate | 1 Activeperl | 2025-04-03 | 2.1 LOW | N/A |
| ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl. | |||||
| CVE-2005-2789 | 1 Bfcommand And Control Software | 2 Bfcc, Bfvcc | 2025-04-03 | 7.5 HIGH | N/A |
| BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to bypass authentication via (1) an unknown attack vector or (2) a NULL (0x00) as a username. | |||||
| CVE-2003-1064 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet. | |||||
| CVE-2005-3669 | 1 Cisco | 8 Adaptive Security Appliance Software, Firewall Services Module, Ios and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2004-1509 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | 5.0 MEDIUM | N/A |
| validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter, which reveals the full path in an error message. | |||||
| CVE-1999-1230 | 1 Id Software | 1 Quake 2 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself. | |||||
| CVE-1999-1469 | 1 Hughes Technologies | 1 W3-auth | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header. | |||||
| CVE-2005-2115 | 1 Raven Software | 1 Soldier Of Fortune 2 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause a denial of service (server crash) via a large ID value in the ignore command, which is used as an array index and causes an out-of-bounds operation. | |||||
| CVE-2005-1308 | 1 Inter7 | 1 Sqwebmail | 2025-04-03 | 7.5 HIGH | N/A |
| SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML. | |||||
| CVE-2002-0265 | 1 Sawmill | 1 Sawmill | 2025-04-03 | 4.6 MEDIUM | N/A |
| Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file with world-writable permissions, which allows local users to gain privileges by modifying the file. | |||||
| CVE-2000-0461 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | 2.1 LOW | N/A |
| The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call. | |||||
| CVE-2006-4070 | 1 Imendio Planner | 1 Imendio Planner | 2025-04-03 | 5.1 MEDIUM | N/A |
| Format string vulnerability in Imendio Planner 0.13 allows user-assisted attackers to execute arbitrary code via format string specifiers in a filename. | |||||
| CVE-2006-2967 | 1 Syworks | 1 Safenet | 2025-04-03 | 2.1 LOW | N/A |
| Syworks SafeNET allows local users to bypass restrictions on network resource consumption by editing the policy.dat file. | |||||