Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3489 | 1 F-secure | 3 F-secure Anti-virus, F-secure Internet Security, F-secure Service Platform For Service Providers | 2025-04-03 | 5.0 MEDIUM | N/A |
| F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename. | |||||
| CVE-2001-1027 | 1 Windowmaker | 1 Windowmaker | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbitrary code via a long window title. | |||||
| CVE-2002-1987 | 1 Caucho Technology | 1 Resin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | |||||
| CVE-2005-4790 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2025-04-03 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions. | |||||
| CVE-2006-3755 | 1 Flushcms | 1 Flushcms | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Include/editor/class.rich.php in FlushCMS 1.0.0-pre2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the class_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-1999-0467 | 1 Webcom | 1 Cgi Guestbook | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter. | |||||
| CVE-2006-3201 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | |||||
| CVE-2000-0705 | 1 Luca Deri | 1 Ntop | 2025-04-03 | 5.0 MEDIUM | N/A |
| ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2003-0302 | 1 Qualcomm | 1 Eudora | 2025-04-03 | 5.0 MEDIUM | N/A |
| The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||||
| CVE-2006-0846 | 1 Leif M. Wright | 1 Web Blog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Referer and (2) User-Agent HTTP headers, which are stored in a log file and not sanitized when the administrator views the "Log" page, possibly using the ViewCommentsLog function. | |||||
| CVE-2006-4862 | 1 Easypagecms | 1 Easypagecms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.aspx in easypage allows remote attackers to execute arbitrary SQL commands via the srch parameter in the Search page. | |||||
| CVE-2002-0622 | 1 Microsoft | 1 Commerce Server | 2025-04-03 | 7.5 HIGH | N/A |
| The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution". | |||||
| CVE-2006-0811 | 1 Skate Board | 1 Skate Board | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board 0.9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters involved with the registration form. | |||||
| CVE-2006-4567 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-03 | 2.6 LOW | N/A |
| Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update. | |||||
| CVE-2005-0283 | 1 David Barrett | 1 Qwikiwiki | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter. | |||||
| CVE-1999-0778 | 1 Xi Graphics | 1 Accelerated-x Server | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter. | |||||
| CVE-2004-2410 | 1 Samhain Labs | 1 Samhain | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference). | |||||
| CVE-2006-4464 | 1 Nokia | 1 Symbian | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, allows remote attackers to cause a denial of service (crash) via JavaScript that constructs a large Unicode string. | |||||
| CVE-2003-0243 | 1 Happycgi | 1 Happymall | 2025-04-03 | 7.5 HIGH | N/A |
| Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts. | |||||
| CVE-2005-2470 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | |||||