Total
29513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1217 | 1 Dsportal | 1 Dspoll | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DSPoll 1.1 allows remote attackers to execute arbitrary SQL commands via the pollid parameter to (1) results.php, (2) topolls.php, (3) pollit.php. | |||||
| CVE-2005-1152 | 1 Debian | 1 Qpopper | 2025-04-03 | 2.1 LOW | N/A |
| popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions. | |||||
| CVE-2005-3350 | 1 Libungif | 1 Libungif | 2025-04-03 | 7.5 HIGH | N/A |
| libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write. | |||||
| CVE-2004-1181 | 1 Toshiaki Kanosue | 1 Htmlheadline | 2025-04-03 | 4.6 MEDIUM | N/A |
| htmlheadline before 21.8 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-0649 | 1 Pixel-apes Group | 1 Safehtml | 2025-04-03 | 4.3 MEDIUM | N/A |
| Pixel-Apes SafeHTML before 1.2.1 allows remote attackers to bypass cross-site scripting (XSS) protection via "hexadecimal HTML entities." | |||||
| CVE-2002-1545 | 1 Cooolsoft | 1 Personal Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response. | |||||
| CVE-2000-0007 | 1 Trend Micro | 1 Pc-cillin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. | |||||
| CVE-2002-0952 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface. | |||||
| CVE-2005-2968 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 7.5 HIGH | N/A |
| Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash. | |||||
| CVE-2006-3968 | 1 Sun | 1 Solaris | 2025-04-03 | 5.0 MEDIUM | N/A |
| The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified. | |||||
| CVE-2005-1847 | 1 Yamt | 1 Yamt | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in YaMT before 0.5_2 allow attackers to execute arbitrary code via the (1) rename or (2) sort options. | |||||
| CVE-2005-0652 | 1 Hp | 1 Openvms | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files. | |||||
| CVE-2005-0697 | 1 Brt | 1 Copperexport | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters. | |||||
| CVE-2003-0319 | 1 Smartmax Software | 1 Mailmax | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command. | |||||
| CVE-2005-3123 | 1 Gnu | 1 Gnump3d | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. | |||||
| CVE-2004-2241 | 1 Phorum | 1 Phorum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected file is read.php, but this is inconsistent with the vendor's patch. | |||||
| CVE-2005-0599 | 1 Cisco | 1 Application And Content Networking Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets. | |||||
| CVE-2004-0510 | 1 Sco | 1 Openserver | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program. | |||||
| CVE-2005-0962 | 1 Lighthouse Development | 1 Squirrelcart | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action. | |||||
| CVE-2006-4765 | 1 Netgear | 1 Dg834gt | 2025-04-03 | 5.0 MEDIUM | N/A |
| NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows attackers to cause a denial of service (device hang) via a long string in the username field in the login window. | |||||