Total
29838 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4425 | 1 Coinsoft Technologies | 1 Phpcoin | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter in coin_includes scripts including (1) api.php, (2) common.php, (3) core.php, (4) custom.php, (5) db.php, (6) redirect.php or (7) session_set.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2004-0833 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages. | |||||
| CVE-2005-0446 | 1 Squid | 1 Squid | 2025-04-03 | 5.0 MEDIUM | N/A |
| Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure. | |||||
| CVE-2006-4724 | 1 Adobe | 1 Coldfusion | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors involving a crafted command. | |||||
| CVE-2006-2835 | 1 Arabless | 1 Saphplesson | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in saphplesson 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) forumid parameter in add.php and (2) lessid parameter in show.php. | |||||
| CVE-2000-0395 | 1 Computalynx | 1 Cproxy Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request. | |||||
| CVE-2006-4460 | 1 Clemens Wacha | 1 Php Iaddressbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.96 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2003-1124 | 1 Sun | 1 Management\+center | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), when installed and run by root, allows local users to create or modify arbitrary files. | |||||
| CVE-2006-2135 | 1 Ruperts News | 1 Ruperts News | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Ruperts News allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2006-4055 | 1 Tsep | 1 Tsep | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993. | |||||
| CVE-2000-1049 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters. | |||||
| CVE-2000-0437 | 1 Network Associates | 3 Gauntlet Firewall, Webshield, Webshield E-ppliance | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-1999-0393 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers. | |||||
| CVE-2006-2790 | 1 Sun | 1 Storage Automated Diagnostic Environment | 2025-04-03 | 7.2 HIGH | N/A |
| A package component in Sun Storage Automated Diagnostic Environment (StorADE) 2.4 uses world-writable permissions for certain critical files and directories, which allows local users to gain privileges. | |||||
| CVE-1999-0966 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. | |||||
| CVE-2006-0520 | 1 Dragoran | 1 Portal Module | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability index.php in Dragoran Portal module 1.3 for Invision Power Board (IPB) allows remote attackers to execute arbitrary SQL commands via the site parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-4508 | 1 Nexus Concepts | 1 Dev Hound | 2025-04-03 | 5.0 MEDIUM | N/A |
| Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file. | |||||
| CVE-2005-0070 | 1 Synaesthesia | 1 Synaesthesia | 2025-04-03 | 7.2 HIGH | N/A |
| Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files. | |||||
| CVE-1999-0058 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in PHP cgi program, php.cgi allows shell access. | |||||
| CVE-2004-2595 | 1 Id Software | 1 Quake Ii Server Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in Quake II server before R1Q2 on Linux, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a download command with a full pathname for a directory in the argument, which causes the server to crash when it cannot read data. | |||||