Total
29511 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1572 | 1 Aj-fork | 1 Aj-fork | 2025-04-03 | 5.0 MEDIUM | N/A |
| AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request. | |||||
| CVE-2003-0620 | 1 Andries Brouwer | 1 Man | 2025-04-03 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so argument to test_for_include in ult_src.c, (4) a long MANPATH environment variable, or (5) a long PATH environment variable. | |||||
| CVE-2006-1223 | 1 Jupiter Cms | 1 Jupiter Cms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Jupiter Content Manager 1.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in the image BBcode tag. | |||||
| CVE-2006-3517 | 1 Rwscripts.com | 1 Rw Download | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in stats.php in RW::Download, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | |||||
| CVE-2003-1261 | 1 Globalscape | 1 Cuteftp | 2025-04-03 | 2.1 LOW | N/A |
| Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. | |||||
| CVE-2001-1163 | 1 Munica | 1 Netsql | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attackers to execute arbitrary code via a long CONNECT argument to port 6500. | |||||
| CVE-2003-0023 | 1 Rxvt | 1 Rxvt | 2025-04-03 | 5.0 MEDIUM | N/A |
| The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | |||||
| CVE-2002-0995 | 1 Gianluca Baldo | 1 Phpauction | 2025-04-03 | 7.5 HIGH | N/A |
| login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table. | |||||
| CVE-2005-1888 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates. | |||||
| CVE-2004-0317 | 1 Platform | 1 Lsf | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long LSF_From_PC parameter. | |||||
| CVE-2006-0500 | 1 Punctweb | 1 Myco Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access control, which allows remote attackers to perform unspecified privileged actions by directly accessing files via a URL. | |||||
| CVE-2005-2858 | 1 Rediff | 1 Bol | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol 7.0 allows remote attackers to read the Windows Address Book via the FullAddressBook method. | |||||
| CVE-2004-2492 | 1 Hitachi | 1 Groupmax World Wide Web Desktop | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. | |||||
| CVE-2000-0223 | 1 Sam Hawker | 1 Wmcdplay | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. | |||||
| CVE-2002-2145 | 1 Savant | 1 Savant Webserver | 2025-04-03 | 7.5 HIGH | N/A |
| Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename. | |||||
| CVE-2004-1985 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to inject arbitrary HTML or web script via the CPG_URL parameter. | |||||
| CVE-2003-0415 | 1 Access-remote-pc.com | 1 Remote Pc Access | 2025-04-03 | 5.0 MEDIUM | N/A |
| Remote PC Access Server 2.2 allows remote attackers to cause a denial of service (crash) by receiving packets from the server and sending them back to the server. | |||||
| CVE-2002-0703 | 1 Gisle Aas | 1 Digest-md5 | 2025-04-03 | 7.5 HIGH | N/A |
| An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data. | |||||
| CVE-2005-0444 | 1 Vmware | 1 Workstation | 2025-04-03 | 4.6 MEDIUM | N/A |
| VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code. | |||||
| CVE-2005-2143 | 1 Microsoft | 1 Frontpage | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page. | |||||