Total
29804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2588 | 1 Russcom Network | 1 Phpimages | 2025-04-03 | 5.0 MEDIUM | N/A |
| Russcom PHPImages allows remote attackers to upload files of arbitrary types by uploading a file with a .gif extension. NOTE: due to lack of specific information about attack vectors do not depend on the existence of another vulnerability, it is not clear whether this is a vulnerability. | |||||
| CVE-2004-0180 | 1 Cvs | 1 Cvs | 2025-04-03 | 2.6 LOW | N/A |
| The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405. | |||||
| CVE-2001-1126 | 1 Symantec | 1 Liveupdate | 2025-04-03 | 5.0 MEDIUM | N/A |
| Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | |||||
| CVE-2004-0314 | 1 Freewebs | 1 Webzedit | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 and earlier allows remote attackers to execute arbitrary script as other users via the message parameter. | |||||
| CVE-2005-0216 | 1 Woltlab | 1 Burning Board Lite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid parameter. | |||||
| CVE-2001-0463 | 1 Acme Labs | 1 Perlcal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter. | |||||
| CVE-2000-0172 | 2 Matt Kimball And Roger Wolff, Turbolinux | 2 Mtr, Turbolinux | 2025-04-03 | 7.2 HIGH | N/A |
| The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges. | |||||
| CVE-2005-3390 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
| The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field. | |||||
| CVE-1999-1370 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.2 HIGH | N/A |
| The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs. | |||||
| CVE-2005-2647 | 1 Xerox | 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors. | |||||
| CVE-2003-1321 | 1 Avant Force | 1 Avant Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Avant Browser 8.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request. | |||||
| CVE-1999-0264 | 1 Miva | 1 Htmlscript | 2025-04-03 | 5.0 MEDIUM | N/A |
| htmlscript CGI program allows remote read access to files. | |||||
| CVE-2006-0876 | 1 Popfile | 1 Popfile | 2025-04-03 | 5.0 MEDIUM | N/A |
| POPFile before 0.22.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving character sets within e-mail messages. | |||||
| CVE-2006-2149 | 1 Avatic | 1 Aardvark Topsites Php | 2025-04-03 | 6.4 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in sources/lostpw.php in Aardvark Topsites PHP 4.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CONFIG[path] parameter, as demonstrated by including a GIF that contains PHP code. | |||||
| CVE-2005-2265 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string. | |||||
| CVE-2005-3694 | 1 Centericq | 1 Centericq | 2025-04-03 | 7.8 HIGH | N/A |
| centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus. | |||||
| CVE-2006-0441 | 1 Karjasoft | 1 Sami Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed. | |||||
| CVE-2006-0407 | 1 Azbb | 1 Az Bulletin Board | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin Board (AZbb) 1.1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) nickname parameter and (2) an iframe tag in the topic parameter. NOTE: the original disclosure specified the name parameter, but a correction was later provided. NOTE: followup posts have both disputed and confirmed the original claim. | |||||
| CVE-2006-4679 | 1 Andreas Gohr | 1 Dokuwiki | 2025-04-03 | 5.0 MEDIUM | N/A |
| DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug". | |||||
| CVE-2006-4121 | 1 See-commerce | 1 See-commerce | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in owimg.php3 in See-Commerce 1.0.625 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | |||||