Total
29776 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0514 | 2025-04-03 | 5.0 MEDIUM | N/A | ||
| UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target. | |||||
| CVE-2003-1281 | 1 Eekim | 1 Cgihtml | 2025-04-03 | 2.1 LOW | N/A |
| cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. | |||||
| CVE-2000-0874 | 1 Qualcomm | 1 Eudora | 2025-04-03 | 5.0 MEDIUM | N/A |
| Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF). | |||||
| CVE-2004-1562 | 1 W-agora | 1 W-agora | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands via the key parameter. | |||||
| CVE-2005-2008 | 1 Yaws | 1 Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 (null). | |||||
| CVE-1999-0269 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Enterprise servers may list files through the PageServices query. | |||||
| CVE-2002-0363 | 1 Aladdin Enterprises | 1 Ghostscript | 2025-04-03 | 7.5 HIGH | N/A |
| ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice. | |||||
| CVE-2004-2477 | 1 Diamondcs | 1 Process Guard Free | 2025-04-03 | 2.1 LOW | N/A |
| DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe. | |||||
| CVE-2004-1298 | 1 Michael Kohn | 1 Vb2c | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the parse function in vb2c.c for vb2c 0.02 allows remote attackers to execute arbitrary code via a crafted FRM file. | |||||
| CVE-2004-1765 | 1 Mod Security | 1 Mod Security | 2025-04-03 | 7.5 HIGH | N/A |
| Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests. | |||||
| CVE-2001-1007 | 1 Starfish | 1 Truesync Desktop | 2025-04-03 | 5.0 MEDIUM | N/A |
| Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly guess the key via a brute force attack. | |||||
| CVE-2006-4991 | 1 Rsa | 1 Keon Certificate Authority Manager | 2025-04-03 | 3.6 LOW | N/A |
| RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows privileged local users to hide malicious Certificate Authority (CA) activities by modifying CA auditor logs without detection by (1) modifying or deleting a <LOG BLOCK> and its signature from the XML log in a way that is not detected by the integrity check function that operates on the entire pool, or (2) modifying entries in the live log file, which is only signed during rotation. | |||||
| CVE-2005-0746 | 1 Novell | 1 Ichain | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command. | |||||
| CVE-2003-1126 | 1 Sun | 1 One Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. | |||||
| CVE-2002-1536 | 1 Hans Persson | 1 Molly | 2025-04-03 | 7.5 HIGH | N/A |
| Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $host variable for nslookup.pl, (2) the $to, $from, or $message variables in pop.pl, (3) the $words or $text variables in sms.pl, or (4) the $server or $printer variables in hpled.pl. | |||||
| CVE-2005-1591 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors. | |||||
| CVE-2005-2239 | 1 Oftpd | 1 Oftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| oftpd 0.3.7 allows remote attackers to cause a denial of service via a USER command with a large number of null (\0) characters. | |||||
| CVE-2006-4879 | 1 David Bennett | 1 Php-post | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profile.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2006-0404 | 1 Mike Macgirvin | 1 Note-a-day Weblog | 2025-04-03 | 5.0 MEDIUM | N/A |
| Note-A-Day Weblog 2.2 stores sensitive data under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to archive/.phpass-admin, which contains encrypted passwords. | |||||
| CVE-2000-1201 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. | |||||