Total
29836 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2560 | 1 Andreas Gohr | 1 Dokuwiki | 2025-04-03 | 7.5 HIGH | N/A |
| DokuWiki before 2004-10-19, when used on a web server that permits execution based on file extension, allows remote attackers to execute arbitrary code by uploading a file with an appropriate extension such as ".php" or ".cgi". | |||||
| CVE-2005-1161 | 1 Oneworldstore | 1 Oneworldstore | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp. | |||||
| CVE-1999-0774 | 1 Martin Stover | 1 Mars Nwe | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names. | |||||
| CVE-2005-1994 | 1 Finjan Software | 1 Surfingate | 2025-04-03 | 5.0 MEDIUM | N/A |
| Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e". | |||||
| CVE-2006-2537 | 3 Horizontal Shooter Bor, Openbor, Senile Team | 3 Horizontal Shooter Bor, Openbor, Beats Of Rage | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, and (c) Horizontal Shooter BOR (HOR) 2.0000 and earlier allow remote attackers to execute code via format string specifiers in configurations used in various mod files, as demonstrated by the (1) music identifier in data/scenes/intro.txt, which is not properly handled in the update function, and (2) background identifier in data/easy/1aeasy.txt, which is not properly handled in the shutdown function. | |||||
| CVE-2002-1608 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code. | |||||
| CVE-2006-1579 | 1 Dbbs | 1 Dbbs | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter. | |||||
| CVE-2001-1497 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 2.1 LOW | N/A |
| Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | |||||
| CVE-1999-0223 | 1 Sun | 1 Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. | |||||
| CVE-2000-0249 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. | |||||
| CVE-2004-1664 | 1 Activision | 2 Call Of Duty, Call Of Duty United Offensive | 2025-04-03 | 5.0 MEDIUM | N/A |
| Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: this issue might overlap CVE-2005-0430. | |||||
| CVE-2002-1845 | 1 Yabb | 1 Yabb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Yet Another Bulletin Board (YaBB) 1.40 and 1.41 allows remote attackers to inject arbitrary web script or HTML via the password (passwrd) parameter. | |||||
| CVE-2005-2243 | 1 Cisco | 1 Call Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail. | |||||
| CVE-2002-0277 | 1 Add2it | 1 Mailman Free | 2025-04-03 | 7.5 HIGH | N/A |
| Add2it Mailman Free 1.73 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the list parameter. | |||||
| CVE-2006-2419 | 1 Php | 1 Directory Listing Script | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | |||||
| CVE-2003-1022 | 1 Debian | 1 Fsp | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. | |||||
| CVE-2005-1287 | 1 Bk Dev | 1 Bk Forum | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp. | |||||
| CVE-2004-0057 | 1 Lbl | 1 Tcpdump | 2025-04-03 | 5.0 MEDIUM | N/A |
| The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989. | |||||
| CVE-2003-0693 | 1 Openbsd | 1 Openssh | 2025-04-03 | 10.0 HIGH | N/A |
| A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. | |||||
| CVE-2001-0389 | 1 Ibm | 2 Net.commerce, Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument. | |||||