Total
29568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2107 | 1 Finjan Software | 1 Surfingate | 2025-04-03 | 7.5 HIGH | N/A |
| Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server. | |||||
| CVE-2004-0270 | 1 Clam Anti-virus | 1 Clamav | 2025-04-03 | 5.0 MEDIUM | N/A |
| libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program. | |||||
| CVE-2006-4269 | 2 Joomla, Mambo | 2 X-shop Component, X-shop Component | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin.x-shop.php in the x-shop component (com_x-shop) 1.7 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: this issue has been disputed by third party researchers, stating that there is no mosConfig_absolute_path parameter and no admin.x-shop.php file in the reported package | |||||
| CVE-2005-1474 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | |||||
| CVE-2003-1129 | 1 Yahoo | 1 Audio Conferencing Activex Control | 2025-04-03 | 2.6 LOW | N/A |
| Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat. | |||||
| CVE-2005-0078 | 3 Debian, Kde, Redhat | 5 Debian Linux, Kde, Enterprise Linux and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. | |||||
| CVE-2004-0820 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 4.6 MEDIUM | N/A |
| Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. | |||||
| CVE-1999-0818 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. | |||||
| CVE-2000-0760 | 1 Apache | 1 Tomcat | 2025-04-03 | 6.4 MEDIUM | N/A |
| The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | |||||
| CVE-2005-4776 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
| Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause a denial of service (heap corruption or system crash) and possibly gain root privileges. | |||||
| CVE-2006-2890 | 1 Pixelpost | 1 Pixelpost | 2025-04-03 | 5.1 MEDIUM | N/A |
| Pixelpost 1-5rc1-2 and earlier, when register_globals is enabled, allows remote attackers to gain administrator privileges and conduct other attacks by setting the _SESSION["pixelpost_admin"] parameter to 1 in calls to admin scripts such as admin/view_info.php. | |||||
| CVE-2002-1063 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports. | |||||
| CVE-2005-2118 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 5.1 MEDIUM | N/A |
| Windows Shell for Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote user-assisted attackers to execute arbitrary commands via a crafted shortcut (.lnk) file with long font properties that lead to a buffer overflow when the user views the file's properties using Windows Explorer, a different vulnerability than CVE-2005-2122. | |||||
| CVE-2005-0222 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| main.php in Gallery 2.0 Alpha allows remote attackers to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message. | |||||
| CVE-2002-1938 | 1 Virgil | 1 Cgi Scanner | 2025-04-03 | 7.5 HIGH | N/A |
| Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the (1) tar (TARGET) or (2) zielport (ZIELPORT) parameters. | |||||
| CVE-1999-1319 | 1 Sgi | 1 Irix | 2025-04-03 | 10.0 HIGH | N/A |
| Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations. | |||||
| CVE-2000-0543 | 1 Pgp | 1 Certificate Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000. | |||||
| CVE-2005-2863 | 1 Open Webmail | 1 Open Webmail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in openwebmail-main.pl in OpenWebMail 2.41 allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter. | |||||
| CVE-2004-0264 | 2 Jim Rees, Shaun2k2 | 2 Jim Rees Httpd, Palmhttpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue. | |||||
| CVE-2006-2236 | 1 Id Software | 4 Quake 3 Arena, Quake 3 Engine, Return To Castle Wolfenstein and 1 more | 2025-04-03 | 7.6 HIGH | N/A |
| Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command. | |||||