Total: 29488 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1833 | 1 Borland Software | 1 Interbase | 2025-04-03 | 7.5 HIGH | N/A |
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | |||||
CVE-2005-2669 | 2 Broadcom, Ca | 28 Advantage Data Transport, Adviseit, Brightstor Portal and 25 more | 2025-04-03 | 10.0 HIGH | N/A |
Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. | |||||
CVE-2001-0922 | 1 Sun | 1 Netdynamics | 2025-04-03 | 7.5 HIGH | N/A |
ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. | |||||
CVE-2006-4893 | 1 Phpbb Xs | 1 Phpbb Xs | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_usage_stats.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780. | |||||
CVE-2002-0233 | 1 Eshare Communications Inc. | 1 Eshare Expressions | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in eshare Expressions 4 Web server allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | |||||
CVE-2003-0433 | 1 Gnocatan-develop | 1 Gnocatan | 2025-04-03 | 7.5 HIGH | N/A |
Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code. | |||||
CVE-1999-0691 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||||
CVE-2001-1260 | 1 Avaya | 1 Argent Office | 2025-04-03 | 10.0 HIGH | N/A |
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the passwords during a system reboot. | |||||
CVE-2005-1144 | 1 Easyphpcalendar | 1 Easyphpcalendar | 2025-04-03 | 5.0 MEDIUM | N/A |
popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message. | |||||
CVE-2002-1460 | 1 Leszek Krupinski | 1 L-forum | 2025-04-03 | 5.0 MEDIUM | N/A |
L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files. | |||||
CVE-2006-4984 | 1 Grayscale | 1 Bandsite Cms | 2025-04-03 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter in (1) adminpanel/includes/mailinglist/mlist_xls.php and (2) adminpanel/includes/add_forms/addmp3.php. NOTE: the other vectors from the original disclosure are already covered by CVE-2006-3193. | |||||
CVE-2006-3837 | 1 Professional Home Page Tools | 1 Professional Home Page Tools Guestbook | 2025-04-03 | 5.0 MEDIUM | N/A |
delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the cookie's value, which makes it easier for attackers to steal the cookie and obtain the administrator's password hash after logout. | |||||
CVE-2005-0242 | 1 Yahoo | 1 Messenger | 2025-04-03 | 4.6 MEDIUM | N/A |
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to execute arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions. | |||||
CVE-2000-0332 | 1 Ultrascripts | 1 Ultraboard | 2025-04-03 | 5.0 MEDIUM | N/A |
The UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allow remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte. | |||||
CVE-2005-4631 | 1 Ryan Lath | 1 Zina | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
CVE-1999-0610 | 1 Mountain Network Systems | 1 Webcart | 2025-04-03 | 5.0 MEDIUM | N/A |
An incorrect configuration of the Webcart CGI program could disclose private information. | |||||
CVE-2004-1340 | 1 Debian | 1 Debian Linux | 2025-04-03 | 2.1 LOW | N/A |
Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information. | |||||
CVE-2005-0399 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2025-04-03 | 5.1 MEDIUM | N/A |
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size. | |||||
CVE-2005-2912 | 1 Linksys | 1 Wrt54g | 2025-04-03 | 5.0 MEDIUM | N/A |
Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. | |||||
CVE-2001-1074 | 1 Webmin | 1 Webmin | 2025-04-03 | 7.2 HIGH | N/A |
Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges. |