Total
29516 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1589 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
| The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264. | |||||
| CVE-2004-2098 | 1 Native Solutions | 1 Tbe Banner Engine | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5.0 allows remote attackers to execute arbitrary script as other users via the HTML banner view/preview capability. | |||||
| CVE-2005-2472 | 1 Netcplus | 1 Businessmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in BusinessMail 4.60.00 allow remote attackers to cause a denial of service (application crash) via a long string to SMTP (1) HELO or (2) MAIL FROM commands. | |||||
| CVE-2004-2271 | 1 Minishare | 1 Minimal Http Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-1999-0152 | 1 Data General | 1 Dg Ux | 2025-04-03 | 7.5 HIGH | N/A |
| The DG/UX finger daemon allows remote command execution through shell metacharacters. | |||||
| CVE-2000-0598 | 1 Fortech | 1 Proxy\+ | 2025-04-03 | 5.0 MEDIUM | N/A |
| Fortech Proxy+ allows remote attackers to bypass access restrictions for to the administration service by redirecting their connections through the telnet proxy. | |||||
| CVE-2001-0046 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 4.6 MEDIUM | N/A |
| The default permissions for the SNMP Parameters registry key in Windows NT 4.0 allows remote attackers to read and possibly modify the SNMP community strings to obtain sensitive information or modify network configuration, aka one of the "Registry Permissions" vulnerabilities. | |||||
| CVE-2005-3340 | 1 New Breed Software | 1 Tux Paint | 2025-04-03 | 7.2 HIGH | N/A |
| The tuxpaint-import.sh script in Tux Paint (tuxpaint) 0.9.14 and earlier creates temporary files insecurely, with unknown impact and attack vectors. | |||||
| CVE-2004-0645 | 2 Abisource, Wvware | 2 Community Abiword, Wvware | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field. | |||||
| CVE-2006-4715 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2001-1124 | 1 Hp | 1 Hp-ux | 2025-04-03 | 5.0 MEDIUM | N/A |
| rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow. | |||||
| CVE-2002-1081 | 1 Aprelium Technologies | 1 Abyss Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character. | |||||
| CVE-2006-1665 | 1 Arab Portal | 1 Arab Portal | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0.1 stable allow remote attackers to inject arbitrary web script or HTML via the (1) adminJump and (2) forum_middle parameters in (a) forum.php, and the (3) form parameter in (b) members.php, (c) pm.php, and (d) mail.php. | |||||
| CVE-2006-4283 | 1 Solmetra | 1 Spaw Editor | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SOLMETRA SPAW Editor 1.0.6 and 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the spaw_dir parameter in dialogs/ scripts including (1) a.php, (2) collorpicker.php, (3) img.php, (4) img_library.php, (5) table.php, or (6) td.php. | |||||
| CVE-2005-4471 | 1 Avaya | 1 Modular Messaging Message Storage Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted packets. | |||||
| CVE-2001-0304 | 1 Caucho Technology | 1 Resin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request. | |||||
| CVE-2006-0937 | 1 Unu Networks | 1 Mailgust | 2025-04-03 | 5.0 MEDIUM | N/A |
| U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive information via a direct request to index.php with method=showfullcsv, which reveals the POP3 server configuration, including account name and password. | |||||
| CVE-2005-4439 | 1 Elog | 1 Elogd | 2025-04-03 | 7.8 HIGH | N/A |
| Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a URL with a long (1) cmd or (2) mode parameter. | |||||
| CVE-2005-3308 | 1 Zomplog | 1 Zomplog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) comment parameter in detail.php, (3) the username parameter in get.php, and (4) the search parameter in index.php. | |||||
| CVE-2006-1435 | 1 Accounting Receiving And Inventory Administration | 1 Aria | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in genmessage.php in Accounting Receiving and Inventory Administration (ARIA) 0.99-6 allows remote attackers to inject arbitrary web script or HTML via the Message Field (message parameter). | |||||