Total
29835 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2874 | 1 Osads Alliance Database | 1 Osads Alliance Database | 2025-04-03 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a "Security Leak to lock in HTML-Code," possibly due to a cross-site scripting (XSS) vulnerability involving comments. | |||||
| CVE-2001-1370 | 1 Phplib Team | 1 Phplib | 2025-04-03 | 10.0 HIGH | N/A |
| prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5 and earlier, IMP before 2.2.6, and other packages that use PHPLib. | |||||
| CVE-1999-0629 | 2025-04-03 | N/A | N/A | ||
| The ident/identd service is running. | |||||
| CVE-2002-1253 | 1 Abuse | 1 Abuse | 2025-04-03 | 7.2 HIGH | N/A |
| Abuse 2.00 and earlier allows local users to gain privileges via command line arguments that specify alternate Lisp scripts that run at escalated privileges, which can contain functions that execute commands or modify files. | |||||
| CVE-2005-0114 | 2 Checkpoint, Zonelabs | 3 Check Point Integrity Client, Zonealarm, Zonealarm Wireless Security | 2025-04-03 | 2.1 LOW | N/A |
| vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer. | |||||
| CVE-2002-1321 | 1 Realnetworks | 2 Realone Player, Realplayer | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia Integration Language (SMIL) file with a long parameter, (2) a long long filename in a rtsp:// request, e.g. from a .m3u file, or (3) certain "Now Playing" options on a downloaded file with a long filename. | |||||
| CVE-2002-1349 | 1 Trend Micro | 2 Officescan, Pc-cillin | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 allows local users to execute arbitrary code via a long input string to TCP port 110 (POP3). | |||||
| CVE-2005-3873 | 1 Sourceshock | 1 Shockboard | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topic.php in ShockBoard 3.0 and 4.0 allows remote attackers to execute arbitrary SQL commands via the offset parameter. | |||||
| CVE-2005-1405 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 2.1 LOW | N/A |
| HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications. | |||||
| CVE-2005-4270 | 1 Watchfire | 1 Appscan Qa | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Watchfire AppScan QA 5.0.609 and 5.0.134 allows remote web servers to execute arbitrary code via an HTTP 401 response with a WWW-Authenticate header containing a long Realm field. | |||||
| CVE-1999-0873 | 1 Sky Communications | 1 Skyfull | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Skyfull mail server via MAIL FROM command. | |||||
| CVE-2005-3743 | 1 Simplepoll | 1 Simplepoll | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in results.php in SimplePoll allows remote attackers to execute arbitrary SQL commands via the pollid parameter. | |||||
| CVE-2006-1986 | 1 Apple | 1 Safari | 2025-04-03 | 7.5 HIGH | N/A |
| Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. | |||||
| CVE-2001-0674 | 1 Robtex | 1 Viking Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request. | |||||
| CVE-2006-2396 | 1 Phpodp | 1 Phpodp | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpODP 1.5h allows remote attackers to inject arbitrary web script via the browse parameter. | |||||
| CVE-2001-1459 | 1 Openbsd | 1 Openssh | 2025-04-03 | 7.5 HIGH | N/A |
| OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. | |||||
| CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
| CVE-2002-1809 | 1 Oracle | 1 Mysql | 2025-04-03 | 7.5 HIGH | N/A |
| The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database. | |||||
| CVE-2006-1066 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 1.2 LOW | N/A |
| Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call. | |||||
| CVE-2005-0299 | 1 Gforge | 1 Gforge | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GForge 3.3 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the (1) dir parameter to controller.php or (2) dir_name parameter to controlleroo.php. | |||||