Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4505 | 1 Mcafee | 2 Common Management Agent, Virusscan Enterprise | 2025-04-03 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path. | |||||
| CVE-2001-0965 | 1 Glftpd | 1 Glftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters. | |||||
| CVE-2006-2061 | 1 Invision Power Services | 2 Invision Board, Invision Power Board | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in lib/func_taskmanager.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary SQL commands via the ck parameter, which can inject at most 32 characters. | |||||
| CVE-2005-0673 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php. | |||||
| CVE-2000-0425 | 1 Lsoft | 1 Listserv | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2000-0103 | 1 Netsmart | 1 Smartcart | 2025-04-03 | 7.5 HIGH | N/A |
| The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2006-1165 | 1 Andreas Gohr | 1 Dokuwiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data." | |||||
| CVE-2002-0620 | 1 Microsoft | 1 Commerce Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote attackers to cause the server to fail or run arbitrary code in the LocalSystem security context via an input field using an affected API. | |||||
| CVE-2006-0224 | 1 Libast | 1 Libast | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument (alternative configuration file name). | |||||
| CVE-1999-0795 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches. | |||||
| CVE-2006-4012 | 1 Savewebportal | 1 Savewebportal | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in circeOS SaveWeb Portal 3.4 allow remote attackers to execute arbitrary PHP code via a URL in the SITE_Path parameter to (1) poll/poll.php or (2) poll/view_polls.php. NOTE: the menu_dx.php vector is already covered by CVE-2005-2687. | |||||
| CVE-2004-1578 | 1 Invision Power Services | 1 Invision Power Board | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote attackers to execute arbitrary web script or HTML via the Referer field in the HTTP header. | |||||
| CVE-2005-3446 | 1 Oracle | 2 Application Server, Database Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Internet Directory in Oracle Database Server 9i up to 9.2.0.6 and Application Server 9.0.2.3 up to 10.1.2.0 has unknown impact and attack vectors, aka Oracle Vuln# DB32 and AS06. | |||||
| CVE-2006-1778 | 1 Simplog | 1 Simplog | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) blogid parameter in (a) index.php and (b) archive.php, the (2) m and (3) y parameters in archive.php, and the (4) sql parameter in (c) server.php. | |||||
| CVE-2003-0765 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 7.5 HIGH | N/A |
| The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value. | |||||
| CVE-2003-1160 | 1 Seyeon | 1 Flexwatch Network Video Server | 2025-04-03 | 10.0 HIGH | N/A |
| FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). | |||||
| CVE-2001-0900 | 1 Francisco Burzi | 1 Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in modules.php in Gallery before 1.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the include parameter. | |||||
| CVE-2005-1837 | 1 Fortinet | 1 Fortinet Firewall | 2025-04-03 | 7.5 HIGH | N/A |
| Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges. | |||||
| CVE-2005-4783 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
| kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. | |||||
| CVE-2005-1627 | 1 Viewglob | 1 Viewglob | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in Viewglob before 2.0.1, related to "a potential security issue with the Viewglob display and ssh X forwarding," has unknown impact. | |||||