Total
29513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0937 | 1 Sco | 2 Open Unix, Unixware | 2025-04-03 | 4.6 MEDIUM | N/A |
| SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user. | |||||
| CVE-2006-0154 | 1 427bb | 1 Fourtwosevenbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter. | |||||
| CVE-2003-0507 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash. | |||||
| CVE-2004-1742 | 1 Web-app.org | 1 Webapp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. | |||||
| CVE-2003-0429 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow. | |||||
| CVE-2003-0564 | 1 Hitachi | 2 Groupmax Mail - Security Option, Pki Runtime Library | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | |||||
| CVE-2006-3798 | 1 Deluxebb | 1 Deluxebb | 2025-04-03 | 5.0 MEDIUM | N/A |
| DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables via the _COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leading to multiple security vulnerabilities, aka "pollution of the global namespace." | |||||
| CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
| CVE-2005-0323 | 1 Captaris | 1 Infinite Mobile Delivery Webmail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Infinite Mobile Delivery Webmail 2.6 allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
| CVE-2005-3941 | 1 Greywyvern | 1 Orca Blog | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter. | |||||
| CVE-2006-0348 | 1 Stefan Ritt | 1 Elog Web Logbook | 2025-04-03 | 5.0 MEDIUM | N/A |
| Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-4362 | 1 Komodo | 1 Komodo Cms | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in page.php in Komodo CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2005-1337 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.5 HIGH | N/A |
| Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. | |||||
| CVE-2006-1497 | 1 Vihor | 1 Vihordesign | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in ViHor Design allows remote attackers to read arbitrary files via the page parameter. | |||||
| CVE-2005-4290 | 1 Soft4e | 1 Ecw-cart | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.cgi in ECW-Cart 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) kword, (2) max, (3) min, (4) comp, and (5) f parameters. | |||||
| CVE-1999-0365 | 1 Metainfo | 2 Metaip, Sendmail | 2025-04-03 | 7.5 HIGH | N/A |
| The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. | |||||
| CVE-2005-3868 | 1 Turn-k | 1 K-search | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term, (2) id, (3) stat, and (4) source parameters to index.php, and (5) through the image parameters with an add request. | |||||
| CVE-2005-4479 | 1 Phpslash | 1 Phpslash | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. | |||||
| CVE-2001-0491 | 1 Team Johnlong | 1 Raidenftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RaidenFTPD Server 2.1 before build 952 allows attackers to access files outside the ftp root via dot dot attacks, such as (1) .... in CWD, (2) .. in NLST, or (3) ... in NLST. | |||||
| CVE-2005-4697 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | 2.1 LOW | N/A |
| The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll. | |||||