Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0116 | 1 Ibm | 2 Aix, Sng | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. | |||||
| CVE-2004-2672 | 1 Argosoft | 1 Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors. | |||||
| CVE-2002-1468 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. | |||||
| CVE-2002-1348 | 1 W3m | 1 W3m | 2025-04-03 | 5.0 MEDIUM | N/A |
| w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | |||||
| CVE-2006-2526 | 1 Power Place | 1 Php Easy Galerie | 2025-04-03 | 6.4 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in PHP Easy Galerie 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter. | |||||
| CVE-2004-1301 | 1 Xlreader | 1 Xlreader | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the book_format_sql function in format.c for xlreader 0.9.0 allows remote attackers to execute arbitrary code via a crafted Excel (XLS) file. | |||||
| CVE-2006-1979 | 1 Manic Web | 1 Mwguest | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the homepage parameter. | |||||
| CVE-2005-2387 | 1 Goodtech Systems | 1 Goodtech Smtp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 allow remote attackers to execute arbitrary code via (1) a RCPT TO command with a long DNS name, or (2) a large number of RCPT TO commands with a long e-mail name arugment in the last command. | |||||
| CVE-2004-2579 | 1 Novell | 1 Ichain | 2025-04-03 | 7.5 HIGH | N/A |
| ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding." | |||||
| CVE-2006-2896 | 1 Funkboard | 1 Funkboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action. | |||||
| CVE-2001-0255 | 1 Fastream | 2 Fastream Ftp\+\+ Server, Fastream Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname. | |||||
| CVE-2006-4778 | 1 Cchost | 1 Cchost | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Creative Commons Tools ccHost before 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URL, which is used to populate the file ID. NOTE: Some details are obtained from third party information. | |||||
| CVE-2005-1648 | 1 Gurgens | 1 Gurgens Ultimate Forum | 2025-04-03 | 7.5 HIGH | N/A |
| Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords. | |||||
| CVE-1999-0584 | 2025-04-03 | 10.0 HIGH | N/A | ||
| A Windows NT file system is not NTFS. | |||||
| CVE-2004-1710 | 1 Andrew Kilpatrick | 1 Page Cgi | 2025-04-03 | 7.5 HIGH | N/A |
| page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter. | |||||
| CVE-2004-1941 | 1 Fastream | 1 Netfile Ftp Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to cause a denial of service via a username that does not exist. | |||||
| CVE-2004-0681 | 1 Comersus Open Technologies | 1 Comersus Cart | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter. | |||||
| CVE-2000-0071 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. | |||||
| CVE-2003-0388 | 1 Andrew Morgan | 1 Linux Pam | 2025-04-03 | 4.6 MEDIUM | N/A |
| pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name. | |||||
| CVE-2002-1648 | 1 Squirrelmail | 1 Squirrelmail | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters. | |||||