Total
29514 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1364 | 1 Ehud Gavron | 1 Tracesroute | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses. | |||||
| CVE-2005-1457 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash). | |||||
| CVE-2002-1353 | 1 Intranet-server | 1 Localweb2000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst. | |||||
| CVE-2005-3115 | 1 Mpeg-tools | 1 Mpeg-tools | 2025-04-03 | 2.1 LOW | N/A |
| mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to overwrite arbitrary files via (1) ts.stat, (2) ts.mpg, (3) foobar, (4) blockbar, or (5) foobar[NNN]. | |||||
| CVE-2005-3985 | 1 Astaro | 1 Security Linux | 2025-04-03 | 7.8 HIGH | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2001-0360 | 1 Ikonboard.com | 1 Ikonboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter. | |||||
| CVE-2005-4390 | 1 Contentserv | 1 Contentserv | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ContentServ 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the StoryID parameter. | |||||
| CVE-2004-0679 | 1 Unreal | 1 Unrealircd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashing scheme to hide IP addresses, which could allow remote attackers to use brute force methods to gain other user's IP addresses. | |||||
| CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 3.7 LOW | N/A |
| Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. | |||||
| CVE-1999-0232 | 1 Ncsa Httpd Project | 1 Ncsa Httpd | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. | |||||
| CVE-2005-4769 | 1 Belchior Foundry | 1 Vcard Pro | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in addrbook.php in Belchior Foundry vCard PRO 3.1 allows remote attackers to execute arbitrary SQL commands via the addr_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-4571 | 1 Myezshop | 1 Myezshop Shopping Cart | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-0733 | 1 Wordpress | 1 Wordpress | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only exploitable by the same user who injects the XSS, so this might not be a vulnerability | |||||
| CVE-2005-3472 | 1 Sun | 1 Java System Communications Express | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. | |||||
| CVE-2003-0390 | 1 James Theiler | 1 Opt | 2025-04-03 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi. | |||||
| CVE-2006-1582 | 1 Blanknberg | 1 Blanknberg | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to inject arbitrary web script or HTML via the _path parameter. NOTE: this might be resultant from the directory traversal issue. | |||||
| CVE-2004-0875 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware (aka webdistro) 0.9.16.002 and earlier allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to the wiki module. | |||||
| CVE-2006-3303 | 1 Deluxebb | 1 Deluxebb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pm.php in DeluxeBB 1.07 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) to parameters. | |||||
| CVE-2006-1651 | 1 Microsoft | 1 Isa Server | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6 packets. NOTE: An established researcher has disputed this issue, saying that "Neither ISA Server 2004 nor Windows 2003 Basic Firewall support IPv6 filtering ... This is different network protocol. | |||||
| CVE-2003-0478 | 5 Andromede, Bahamut, Daniel Moss and 2 more | 5 Adromedeircd, Ircd, Methane and 2 more | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request containing format strings. | |||||