Total
29573 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0708 | 1 Infodrom | 1 Cfingerd | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | |||||
CVE-2000-0956 | 1 Carnegie Mellon University | 1 Cyrus-sasl | 2025-04-03 | 4.6 MEDIUM | N/A |
cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions. | |||||
CVE-2006-2105 | 1 Jupiter Cms | 1 Jupiter Cms | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote attackers to read arbitrary files via ".." sequences terminated by a %00 (null) character in the n parameter. | |||||
CVE-2006-4536 | 1 Cms Frogss | 1 Cms Frogss | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in module/rejestracja.php in CMS Frogss 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the podpis parameter. | |||||
CVE-2006-0879 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors. | |||||
CVE-2000-0875 | 1 Texas Imperial Software | 2 Wftpd, Wftpd Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
WFTPD and WFTPD Pro 2.41 RC12 allow remote attackers to cause a denial of service by sending a long string of unprintable characters. | |||||
CVE-2004-2243 | 1 Phorum | 1 Phorum | 2025-04-03 | 7.5 HIGH | N/A |
Phorum allows remote attackers to hijack sessions of other users by stealing and replaying the session hash in the phorum_uriauth parameter, as demonstrated using profile.php. NOTE: the affected version was reported to be 4.3.7, but this may be erroneous. | |||||
CVE-2006-2449 | 1 Kde | 1 Kde | 2025-04-03 | 4.0 MEDIUM | N/A |
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. | |||||
CVE-2005-1955 | 1 Singapore | 1 Singapore | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.11 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. | |||||
CVE-2005-0433 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 5.0 MEDIUM | N/A |
Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message. | |||||
CVE-2004-2281 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. | |||||
CVE-2004-1786 | 1 Iatek | 1 Portalapp | 2025-04-03 | 5.0 MEDIUM | N/A |
PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb. | |||||
CVE-2005-2746 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages. | |||||
CVE-2006-3026 | 1 Clicktech | 1 Clickgallery | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp. | |||||
CVE-2005-1039 | 1 Gnu | 1 Coreutils | 2025-04-03 | 3.7 LOW | N/A |
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files. | |||||
CVE-2002-0608 | 1 Matu | 1 Matu Ftp | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner. | |||||
CVE-2005-4869 | 1 Ibm | 1 Db2 | 2025-04-03 | 2.1 LOW | N/A |
The (1) to_char and (2) to_date functions in IBM DB2 8.1 allow local users to cause a denial of service (application crash) via an empty string in the second parameter, which causes a null pointer dereference. | |||||
CVE-2004-1793 | 1 Yatsoft | 1 Switch Off | 2025-04-03 | 7.5 HIGH | N/A |
Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm. | |||||
CVE-2004-2224 | 1 Appfoundry | 1 Message Foundry | 2025-04-03 | 5.0 MEDIUM | N/A |
Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1. | |||||
CVE-2002-0370 | 5 Allume Systems Division, Ibm, Microsoft and 2 more | 7 Stuffit Expander, Lotus Notes, Windows 98 Plus Pack and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. |