Total
29804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0433 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). | |||||
| CVE-2006-4738 | 1 Jetbox | 1 Jetbox Cms | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter. NOTE: The relative_script_path vector is already covered by CVE-2006-2270. | |||||
| CVE-2006-2041 | 1 Phpwebgallery | 1 Phpwebgallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| PhpWebGallery before 1.6.0RC1 allows remote attackers to obtain arbitrary pictures via a request to picture.php without specifying the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2003-0053 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. | |||||
| CVE-2005-2841 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials. | |||||
| CVE-2002-0477 | 1 Macromedia | 1 Flash Player | 2025-04-03 | 7.5 HIGH | N/A |
| Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand. | |||||
| CVE-2006-3239 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in message.php in VBZooM 1.11 and earlier allows remote attackers to execute arbitrary SQL commands via the UserID parameter. | |||||
| CVE-2003-0106 | 1 Symantec | 1 Enterprise Firewall | 2025-04-03 | 7.5 HIGH | N/A |
| The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8. | |||||
| CVE-2006-2251 | 1 Invision Power Services | 1 Invision Community Blog | 2025-04-03 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in the do_mmod function in mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter. | |||||
| CVE-2002-1948 | 1 Gringotts | 1 Gringotts | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via unknown attack vectors. | |||||
| CVE-2000-1070 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
| pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information. | |||||
| CVE-2000-1209 | 2 Compaq, Microsoft | 4 Insight Manager, Insight Manager Xe, Data Engine and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida. | |||||
| CVE-1999-0424 | 1 Netscape | 1 Communicator | 2025-04-03 | 2.1 LOW | N/A |
| talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. | |||||
| CVE-2002-0319 | 1 Powie | 1 Pforum | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username. | |||||
| CVE-2002-1469 | 1 Scponly | 1 Scponly | 2025-04-03 | 7.5 HIGH | N/A |
| scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs. | |||||
| CVE-2000-1020 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 7.5 HIGH | N/A |
| Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2005-0635 | 1 Foxmail | 1 Foxmail Email Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command. | |||||
| CVE-2005-2805 | 1 E107 | 1 E107 | 2025-04-03 | 5.0 MEDIUM | N/A |
| forum_post.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number. | |||||
| CVE-2004-1590 | 1 Clientexec | 1 Clientexec | 2025-04-03 | 5.0 MEDIUM | N/A |
| Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function. | |||||
| CVE-2006-0145 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. | |||||