Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1203 | 1 Phpcms | 1 Phpcms | 2025-04-03 | 5.0 MEDIUM | N/A |
| parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web server's installation path. | |||||
| CVE-2002-0912 | 1 Debian | 1 Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow. | |||||
| CVE-2001-1368 | 1 Iplanet | 1 Iplanet Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data. | |||||
| CVE-2005-2611 | 1 Symantec Veritas | 3 Backup Exec, Backup Exec Remote Agent, Netbackup | 2025-04-03 | 10.0 HIGH | N/A |
| VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server. | |||||
| CVE-2003-0297 | 1 University Of Washington | 3 C-client, Imap-2002b, Pine | 2025-04-03 | 7.5 HIGH | N/A |
| c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors. | |||||
| CVE-1999-1283 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag. | |||||
| CVE-2006-1617 | 1 Advanced Poll | 1 Advanced Poll | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Advanced Poll 2.02 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to comments.php or (2) poll_id parameter to page.php. NOTE: it is possible that this issue is resultant from CVE-2006-1616. | |||||
| CVE-2006-3860 | 1 Ibm | 1 Informix Dynamic Database Server | 2025-04-03 | 7.5 HIGH | N/A |
| IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions. | |||||
| CVE-2000-1019 | 1 Inktomi | 1 Search Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL. | |||||
| CVE-2003-0642 | 1 Watchguard | 1 Serverlock | 2025-04-03 | 2.1 LOW | N/A |
| WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local users to access kernel memory via a symlink attack on \Device\PhysicalMemory. | |||||
| CVE-2005-2998 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2025-04-03 | 7.5 HIGH | N/A |
| PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files. | |||||
| CVE-2006-2159 | 1 Russcom Network | 1 Loginphp | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address. | |||||
| CVE-2005-3364 | 1 Platinum | 1 Dboardgear | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an invalid theme file in the themes action to ctrtools.php. | |||||
| CVE-1999-0066 | 1 John S. Roberts | 1 Anyform | 2025-04-03 | 7.5 HIGH | 9.8 CRITICAL |
| AnyForm CGI remote execution. | |||||
| CVE-2006-2346 | 1 Inter7 | 1 Vpopmail \(vchkpw\) | 2025-04-03 | 7.5 HIGH | N/A |
| vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP. | |||||
| CVE-2006-3883 | 1 Gonafish | 1 Linkscaffe | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php. | |||||
| CVE-2006-2324 | 1 180solutions | 1 Zango | 2025-04-03 | 10.0 HIGH | N/A |
| 180solutions Zango downloads "required Adware components" without checking integrity or authenticity, which might allow context-dependent attackers to execute arbitrary code by subverting the DNS resolution of static.zangocash.com. | |||||
| CVE-2005-4743 | 1 Nelogic Technologies | 1 Nephp Publisher | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in index.php in NeLogic Nephp Publisher 4.5.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) nnet_catid parameters. | |||||
| CVE-2004-1412 | 1 Kayako | 1 Esupport | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter. | |||||
| CVE-2006-3376 | 1 Wvware | 2 Libwmf, Wv2 | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file. | |||||