Total
29511 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3132 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the path in an error message. | |||||
| CVE-2001-0280 | 1 Atrium Software | 1 Mercur | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command. | |||||
| CVE-2006-1028 | 1 Joomla | 1 Joomla | 2025-04-03 | 7.8 HIGH | N/A |
| feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php. | |||||
| CVE-2001-0365 | 1 Qualcomm | 1 Eudora | 2025-04-03 | 7.5 HIGH | N/A |
| Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags. | |||||
| CVE-2004-1963 | 1 Freshmeat | 1 Network Query Tool | 2025-04-03 | 5.0 MEDIUM | N/A |
| nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to obtain sensitive information via a string in the portNum parameter, which reveals the full path in an error message. | |||||
| CVE-2006-0620 | 1 Qnx | 1 Rtos | 2025-04-03 | 6.2 MEDIUM | N/A |
| Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables. | |||||
| CVE-2005-1099 | 1 Salim Gasmi | 1 Gld | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code. | |||||
| CVE-2000-0204 | 1 Trend Micro | 1 Officescan | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%. | |||||
| CVE-2006-3808 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-03 | 7.5 HIGH | N/A |
| Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object. | |||||
| CVE-2005-1608 | 1 Spidean | 2 At-lite, Autotheme | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown impact. | |||||
| CVE-2006-1859 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return value," aka "slab leak." | |||||
| CVE-2006-0537 | 1 Kinesphere Corporation | 1 Exchange Pop3 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the POP3 server in Kinesphere Corporation eXchange before 5.0.060125 allows remote attackers to execute arbitrary code via a long RCPT TO argument. | |||||
| CVE-2000-0337 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter. | |||||
| CVE-2000-0697 | 1 Sun | 1 Solaris Answerbook2 | 2025-04-03 | 10.0 HIGH | N/A |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters. | |||||
| CVE-2005-4645 | 1 3cfr | 1 3cfr | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in 3CFR allows remote attackers to execute arbitrary SQL commands via the LangueID parameter. | |||||
| CVE-2005-3414 | 1 Eyeos Project | 1 Eyeos | 2025-04-03 | 7.5 HIGH | N/A |
| eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which allows remote attackers to obtain user credentials. | |||||
| CVE-2000-0513 | 1 Debian | 1 Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password. | |||||
| CVE-2004-2618 | 1 Pegasi Web Server | 1 Pegasi Web Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash). | |||||
| CVE-2005-2721 | 1 Foojan | 1 Php Weblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) admin.php in Foojan PHP Weblog allow remote attackers to inject arbitrary web script or HTML via the Referer field in the HTTP header. | |||||
| CVE-2006-3190 | 1 Hotplug Cms | 1 Hotplug Cms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters. | |||||