Total: 29569 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0044 | 3 Debian, Gnu, Redhat | 3 Debian Linux, Enscript, Linux | 2025-04-03 | 3.6 LOW | N/A |
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | |||||
CVE-2004-0825 | 1 Apple | 1 Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. | |||||
CVE-2002-1026 | 1 Macromedia | 1 Sitespring | 2025-04-03 | 5.0 MEDIUM | N/A |
Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow. | |||||
CVE-2003-0753 | 1 Newsphp | 1 Newsphp | 2025-04-03 | 5.0 MEDIUM | N/A |
nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter. | |||||
CVE-2002-0064 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2025-04-03 | 7.2 HIGH | N/A |
Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system. | |||||
CVE-2005-0958 | 1 Yepyep | 1 Mtftpd | 2025-04-03 | 7.5 HIGH | N/A |
Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command. | |||||
CVE-2004-2644 | 1 Asn.1 Compiler | 1 Asn.1 Compiler | 2025-04-03 | 10.0 HIGH | N/A |
Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags. | |||||
CVE-2002-0684 | 2 Gnu, Isc | 2 Glibc, Bind | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | |||||
CVE-2004-0522 | 2 Debian, Gallery Project | 2 Debian Linux, Gallery | 2025-04-03 | 10.0 HIGH | N/A |
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | |||||
CVE-2004-1577 | 1 Greg Donald | 1 Phplinks | 2025-04-03 | 5.0 MEDIUM | N/A |
index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveals the full path in an error message. | |||||
CVE-2005-3196 | 1 Planet Technology Corp | 1 Fgsw2402rs | 2025-04-03 | 4.6 MEDIUM | N/A |
Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges. | |||||
CVE-2006-4894 | 1 Idevspot | 1 Nixieaffiliate | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in iDevSpot NixieAffiliate 1.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter. | |||||
CVE-2006-3770 | 1 Phpfaber | 1 Topsites | 2025-04-03 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in index.php in phpFaber TopSites 2.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) i_cat or (2) method parameters. | |||||
CVE-2003-1316 | 1 Endonesia | 1 Endonesia | 2025-04-03 | 5.0 MEDIUM | N/A |
mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2004-2452 | 1 Hitachi | 1 Cosminexus Portal Framework | 2025-04-03 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the <ut:cache> tag library. | |||||
CVE-2005-4682 | 1 Audienceview | 1 Audienceview | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in error.asp in AudienceView allows remote attackers to inject arbitrary web script or HTML via the TSerrorMessage parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | |||||
CVE-2006-4677 | 1 Phpopenchat | 1 Phpopenchat | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in contrib/yabbse/poc.php in phpopenchat before 3.0.2 allows remote attackers to execute arbitrary PHP code via the sourcedir parameter. NOTE: this issue was disputed by a third-party researcher who stated that the _REQUEST parameters were dynamically unset at the beginning of the file. Another researcher noted, and CVE agrees, that the unset PHP function can be bypassed (CVE-2006-3017). If this issue is due to a vulnerability in PHP, then it should be excluded from CVE. | |||||
CVE-2002-0718 | 1 Microsoft | 1 Content Management Server | 2025-04-03 | 7.5 HIGH | N/A |
Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function." | |||||
CVE-2005-0127 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine. | |||||