Total
29520 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0276 | 1 Hughes | 1 Msql | 2025-04-03 | 7.5 HIGH | N/A |
mSQL v2.0.1 and below allows remote execution through a buffer overflow. | |||||
CVE-2003-0084 | 1 Mod Auth Any | 1 Mod Auth Any | 2025-04-03 | 7.5 HIGH | N/A |
mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-2005-0083 | 1 Mysql | 1 Maxdb | 2025-04-03 | 5.0 MEDIUM | N/A |
MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference. | |||||
CVE-1999-0737 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 5.0 MEDIUM | N/A |
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
CVE-2002-2179 | 1 Unisys | 1 Clearpath Mcp | 2025-04-03 | 7.8 HIGH | N/A |
The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap. | |||||
CVE-2005-4211 | 1 Coinsoft Technologies | 1 Phpcoin | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the $_CCFG[_PKG_PATH_DBSE] variable. | |||||
CVE-1999-0559 | 2025-04-03 | 10.0 HIGH | N/A | ||
A system-critical Unix file or directory has inappropriate permissions. | |||||
CVE-2004-1483 | 1 Symantec | 1 Clientless Vpn Gateway 4400 | 2025-04-03 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact. | |||||
CVE-2005-1784 | 1 Hosting Controller | 1 Hosting Controller | 2025-04-03 | 7.5 HIGH | N/A |
Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp. | |||||
CVE-2006-2675 | 1 Ubbcentral | 1 Ubb.threads | 2025-04-03 | 5.1 MEDIUM | N/A |
PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters. | |||||
CVE-2006-1589 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 4.9 MEDIUM | N/A |
The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference. | |||||
CVE-2001-0837 | 1 Deltathree | 1 Pc-to-phone | 2025-04-03 | 2.1 LOW | N/A |
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder. | |||||
CVE-2002-2109 | 1 Matt Wright | 1 Formmail | 2025-04-03 | 7.5 HIGH | N/A |
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer. | |||||
CVE-2002-0274 | 1 University Of Cambridge | 1 Exim | 2025-04-03 | 4.6 MEDIUM | N/A |
Exim 3.34 and earlier may allow local users to gain privileges via a buffer overflow in long -C (configuration file) and other command line arguments. | |||||
CVE-2004-0598 | 1 Greg Roelofs | 1 Libpng | 2025-04-03 | 5.0 MEDIUM | N/A |
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference. | |||||
CVE-2006-4545 | 1 Modulebased Cms | 1 Modulebased Cms | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in ModuleBased CMS Pre-Alpha allows remote attackers to execute arbitrary PHP code via the _SERVER parameter in (1) admin/avatar.php, (2) libs/archive.class.php, (3) libs/login.php, (4) libs/profiles.class.php, and (5) libs/profile/proccess.php. NOTE: CVE disputes this claim, as the _SERVER array and the _SERVER[DOCUMENT_ROOT] index are controlled by PHP and cannot be manipulated by an attacker | |||||
CVE-2003-1187 | 1 Phpkit | 1 Phpkit | 2025-04-03 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter. | |||||
CVE-2005-2282 | 1 Esi Products | 1 Webeoc | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in WebEOC before 6.0.2 allow remote attackers to inject arbitrary web script and HTML via unknown vectors. | |||||
CVE-2006-1285 | 1 Symantec | 2 Ghost Solutions Suite, Norton Ghost | 2025-04-03 | 3.2 LOW | N/A |
SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information. | |||||
CVE-2006-1152 | 1 M Phorum | 1 M Phorum | 2025-04-03 | 5.0 MEDIUM | N/A |
PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |