Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1850 | 1 Ekg | 1 Ekg | 2025-04-03 | 10.0 HIGH | N/A |
| Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916. | |||||
| CVE-1999-1014 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. | |||||
| CVE-2004-2054 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via (1) the mode parameter to privmsg.php or (2) the redirect parameter to login.php. | |||||
| CVE-2005-0441 | 1 Sybase | 1 Adaptive Server Enterprise | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement. | |||||
| CVE-2006-3391 | 1 Imbc | 1 Imbccontents Activex Control | 2025-04-03 | 5.1 MEDIUM | N/A |
| The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to execute arbitrary files via the file URI handler. | |||||
| CVE-2002-1445 | 1 W3c | 1 Cern Httpd | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page. | |||||
| CVE-2000-1084 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | |||||
| CVE-2000-1154 | 1 Joe Kloss | 1 Robinhood | 2025-04-03 | 5.0 MEDIUM | N/A |
| RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
| CVE-2005-1348 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header. | |||||
| CVE-1999-0240 | 2025-04-03 | 7.5 HIGH | N/A | ||
| Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. | |||||
| CVE-2005-4278 | 1 Larry Wall | 1 Perl | 2025-04-03 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | |||||
| CVE-2001-0406 | 1 Samba | 1 Samba | 2025-04-03 | 2.1 LOW | N/A |
| Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. | |||||
| CVE-2000-1193 | 1 Sgi | 1 Irix | 2025-04-03 | 5.0 MEDIUM | N/A |
| Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port. | |||||
| CVE-2005-3403 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the _base_href parameter in translate.php, (2) the _base_path parameter in news.inc.php, and (3) the p parameter in add_note.php. | |||||
| CVE-1999-0759 | 1 Fuseware | 1 Fusemail | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in FuseMAIL POP service via long USER and PASS commands. | |||||
| CVE-2002-0903 | 1 Woltlab | 1 Burning Board | 2025-04-03 | 7.5 HIGH | N/A |
| register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value. | |||||
| CVE-2005-2041 | 1 Hauri | 1 Virobot Linux Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE). | |||||
| CVE-2006-1742 | 1 Mozilla | 4 Firefox, Mozilla Suite, Seamonkey and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption. | |||||
| CVE-2002-0796 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges. | |||||
| CVE-2003-0781 | 1 Ecartis | 1 Ecartis | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords. | |||||