Total
29521 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1945 | 1 Kinesphere Corporation | 1 Exchange Pop3 | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a long MAIL FROM field. | |||||
CVE-2005-4797 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command. | |||||
CVE-2004-2208 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors. | |||||
CVE-2006-3957 | 1 Bosdev | 1 Bosdates | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote attackers to execute arbitrary PHP code via a URL in the insPath parameter. | |||||
CVE-2002-0843 | 2 Apache, Oracle | 4 Http Server, Application Server, Database Server and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response. | |||||
CVE-2004-0534 | 1 Businessobjects | 2 Infoview, Webintelligence | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document. | |||||
CVE-2002-0314 | 3 Fasttrack, Grokster, Music City Networks | 3 Kazaa, Grokster, Morpheus | 2025-04-03 | 5.0 MEDIUM | N/A |
fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message. | |||||
CVE-2004-0039 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 10.0 HIGH | N/A |
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI. | |||||
CVE-2004-0961 | 2 Freeradius, Redhat | 3 Freeradius, Enterprise Linux, Fedora Core | 2025-04-03 | 5.0 MEDIUM | N/A |
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes. | |||||
CVE-2004-0672 | 1 Netegrity | 2 Identityminder, Policy Server | 2025-04-03 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via (1) script that starts with %00 in the numOfExpressions parameter or (2) the mobjtype parameter. | |||||
CVE-2006-1963 | 1 Pcpin | 1 Pcpin Chat | 2025-04-03 | 5.5 MEDIUM | N/A |
Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code. | |||||
CVE-2004-2125 | 1 Iss | 4 Blackice Agent Server, Blackice Pc Protection, Blackice Server Protection and 1 more | 2025-04-03 | 4.6 MEDIUM | N/A |
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value. | |||||
CVE-1999-1574 | 1 Ibm | 1 Aix | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings." | |||||
CVE-2002-1361 | 1 Sun | 1 Cobalt Raq 4 | 2025-04-03 | 10.0 HIGH | N/A |
overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter. | |||||
CVE-2006-0494 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter. | |||||
CVE-1999-0192 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. | |||||
CVE-1999-1071 | 1 Excite | 1 Ews | 2025-04-03 | 7.2 HIGH | N/A |
Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file. | |||||
CVE-2000-0038 | 1 Glftpd | 1 Glftpd | 2025-04-03 | 7.5 HIGH | N/A |
glFtpD includes a default glftpd user account with a default password and a UID of 0. | |||||
CVE-2005-1153 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 7.5 HIGH | N/A |
Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option. | |||||
CVE-1999-0855 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in FreeBSD gdc program. |