Total
29805 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1530 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2025-04-03 | 3.6 LOW | N/A |
| cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system. | |||||
| CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2025-04-03 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. | |||||
| CVE-2005-4825 | 1 Cisco | 1 Network Admission Control Manager And Server System Software | 2025-04-03 | 5.7 MEDIUM | N/A |
| Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332. | |||||
| CVE-2002-1913 | 1 Myphpnuke | 1 Myphpnuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable. | |||||
| CVE-2000-0245 | 1 Sgi | 1 Irix | 2025-04-03 | 10.0 HIGH | N/A |
| Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts. | |||||
| CVE-2006-2083 | 1 Andrew Tridgell | 1 Rsync | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow. | |||||
| CVE-2006-0136 | 1 Phanatic Softwares | 1 Chimera Web Portal | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the guestbook module in modules.php in Phanatic Softwares Chimera Web Portal System 0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) comment_poster, (2) comment_poster_email, (3) comment_poster_homepage, and (4) comment_text parameters. | |||||
| CVE-2005-3359 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules. | |||||
| CVE-2006-0373 | 1 Douran | 1 Followweb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in register.aspx in Douran FollowWeb allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-1756 | 1 Novell | 1 Netmail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields. | |||||
| CVE-2005-2193 | 1 Punbb | 1 Punbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the user profile edit module in profile.php for PunBB 1.2.5 and earlier allows remote attackers to execute arbitrary SQL statements via the temp array, which is not initialized before it is used and prevents the attacker-supplied portions of the array from being properly escaped. | |||||
| CVE-2006-0651 | 1 Vwdev | 1 Vwdev | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in vwdev allows remote attackers to execute arbitrary SQL commands via the UID parameter in the definition Page. | |||||
| CVE-2002-1435 | 1 Achievo | 1 Achievo | 2025-04-03 | 7.5 HIGH | N/A |
| class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the 'allow_url_fopen' setting is enabled via a URL in the config_atkroot parameter that points to the code. | |||||
| CVE-2001-1021 | 1 Progress | 1 Ws Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD. | |||||
| CVE-2002-0992 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data. | |||||
| CVE-2002-0106 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name. | |||||
| CVE-2004-1271 | 1 Dxfscope | 1 Dxf File Format Viewer | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows remote attackers to execute arbitrary code via a crafted DXF file. | |||||
| CVE-2003-0709 | 1 Whois | 1 Whois | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI programs, may allow remote attackers to execute arbitrary code via a long command line option. | |||||
| CVE-2003-1104 | 1 Ibm | 1 Tivoli Firewall Toolbox | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-2139 | 1 Pavsta | 1 Pavsta Auto Site | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in user_check.php for Pavsta Auto Site allows remote attackers to execute arbitrary PHP code via the sitepath parameter. | |||||