Total
29516 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1158 | 3 Kde, Mandrakesoft, Redhat | 3 Konqueror, Mandrake Linux, Fedora Core | 2025-04-03 | 7.5 HIGH | N/A |
| Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | |||||
| CVE-2001-1554 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. | |||||
| CVE-2004-2449 | 1 Gamespy | 2 Roger Wilco Dedicated Server, Roger Wilco Graphical Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram. | |||||
| CVE-2003-0993 | 1 Apache | 1 Http Server | 2025-04-03 | 7.5 HIGH | N/A |
| mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions. | |||||
| CVE-2005-3290 | 1 Accelerated Enterprise Solutions | 1 Accelerated Mortgage Manager | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbitrary SQL commands via the password field. | |||||
| CVE-2000-0042 | 1 Csm | 1 Mail Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command. | |||||
| CVE-2006-0839 | 1 Sourcefire | 1 Snort | 2025-04-03 | 5.0 MEDIUM | N/A |
| The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. | |||||
| CVE-2004-2311 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 3.6 LOW | N/A |
| Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog. | |||||
| CVE-2000-0482 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets. | |||||
| CVE-2004-0293 | 1 Shopcartcgi | 1 Shopcartcgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ShopCartCGI 2.3 allows remote attackers to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi. | |||||
| CVE-2005-4319 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index2.php in Limbo CMS 1.0.4.2 and earlier allows remote attackers to include arbitrary PHP files via ".." sequences in the option parameter. | |||||
| CVE-2005-0286 | 1 Emotion | 1 Mediapartner Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . (dot) or (2) + (plus sign) at the end, which returns the source code for that file. | |||||
| CVE-2002-2163 | 1 Killervault | 1 Kvpoll | 2025-04-03 | 4.0 MEDIUM | N/A |
| KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php. | |||||
| CVE-2005-2100 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | 2.1 LOW | N/A |
| The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash). | |||||
| CVE-2004-0845 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 6.4 MEDIUM | N/A |
| Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | |||||
| CVE-1999-0299 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in FreeBSD lpd through long DNS hostnames. | |||||
| CVE-2005-1615 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2025-04-03 | 7.5 HIGH | N/A |
| viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability. | |||||
| CVE-2006-4346 | 1 Digium | 1 Asterisk | 2025-04-03 | 7.5 HIGH | N/A |
| Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable. | |||||
| CVE-2006-1276 | 1 Himpfen Consulting | 1 Php Simplenews | 2025-04-03 | 10.0 HIGH | N/A |
| admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie. | |||||
| CVE-2002-1702 | 1 Deltascripts | 1 Php Classifieds | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. | |||||