Total
29488 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2183 | 1 Phpshare | 1 Phpshare | 2025-04-03 | 7.5 HIGH | N/A |
| phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to include and execute arbitrary PHP scripts from remote servers. | |||||
| CVE-2002-1508 | 1 Openldap | 1 Openldap | 2025-04-03 | 1.2 LOW | N/A |
| slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. | |||||
| CVE-2005-0101 | 1 Newspost | 1 Newspost | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character. | |||||
| CVE-2005-4464 | 1 Ingate | 2 Ingate Firewall, Siparator | 2025-04-03 | 7.8 HIGH | N/A |
| Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response. | |||||
| CVE-2006-1711 | 1 Plone | 1 Plone | 2025-04-03 | 5.0 MEDIUM | N/A |
| Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits. | |||||
| CVE-2006-0680 | 1 Plain Black | 1 Webgui | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote attackers to create an account, when anonymous registration is disabled, via a certain URL. | |||||
| CVE-2006-1864 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
| Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863. | |||||
| CVE-2005-4322 | 1 Hitachi | 3 Cosminexus Collaboration Portal, Groupmax Collaboration Portal, Groupmax Collaboration Web Client | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components. | |||||
| CVE-2002-0851 | 1 Isdn4linux | 1 Isdn4linux | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog. | |||||
| CVE-2005-2478 | 1 Silver-scripts | 1 Silvernews | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SilverNews 2.0.3 allows remote attackers to execute arbitrary SQL commands via the user field on the login page in the Admin control panel. | |||||
| CVE-2003-0320 | 1 Andy Prevost | 1 Ttcms | 2025-04-03 | 7.5 HIGH | N/A |
| header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script. | |||||
| CVE-2006-1903 | 1 Userland | 1 Manila | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML (1) via the referer parameter in sendMail, and via attributes of (2) the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE: the msgReader$1 mode attack vector is already covered by CVE-2006-1769. | |||||
| CVE-2002-0036 | 1 Mit | 1 Kerberos 5 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | |||||
| CVE-1999-1078 | 1 Ipswitch | 1 Ws Ftp Pro | 2025-04-03 | 7.5 HIGH | N/A |
| WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges. | |||||
| CVE-2005-4036 | 1 Web4future | 1 Keyword Frequency Counter | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL." | |||||
| CVE-2001-0695 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by making repeated requests to cd to the floppy drive (A:\). | |||||
| CVE-2006-2696 | 1 Easy-content Forums | 1 Easy-content Forums | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp. | |||||
| CVE-2005-4793 | 1 Hitachi | 2 Cm2-network Node Manager, Jp1-cm2-network Node Manager 250 | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in the web utility function in Hitachi Cm2/Network Node Manager and JP1/Cm2/Network Node Manager before 20050930 allow attackers to execute arbitrary commands, disable services, and "exploit vulnerabilities." | |||||
| CVE-2005-1392 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 4.6 MEDIUM | N/A |
| The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script. | |||||
| CVE-2002-2207 | 1 Eric Rescorla | 1 Ssldump | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote attackers to execute arbitrary code via a long RSA PreMasterSecret. | |||||