Total
29836 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1373 | 1 Dream4 | 1 Koobi Cms | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi CMS 4.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) q or (2) p parameters. | |||||
| CVE-2002-0928 | 1 Pirch | 1 Pirch Irc | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Pirch 98 IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hyperlink in a channel or private message. | |||||
| CVE-2001-1295 | 1 Grant Averett | 1 Cerberus Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. | |||||
| CVE-2002-2402 | 1 Surecom | 1 Ep-4501 | 2025-04-03 | 10.0 HIGH | N/A |
| SURECOM broadband router EP-4501 uses a default SNMP read community string of "public" and a default SNMP read/write community string of "secret," which allows remote attackers to read and modify router configuration information. | |||||
| CVE-2000-0036 | 1 Microsoft | 2 Ie, Outlook Express | 2025-04-03 | 5.0 MEDIUM | N/A |
| Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability. | |||||
| CVE-2004-2337 | 1 Inlook | 1 Inlook | 2025-04-03 | 2.1 LOW | N/A |
| The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials. | |||||
| CVE-2001-1403 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 7.5 HIGH | N/A |
| Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar. | |||||
| CVE-2001-0297 | 1 Dattaraj Rao | 1 Simple Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2004-1411 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | 2.6 LOW | N/A |
| Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters. | |||||
| CVE-1999-1418 | 1 Mirabilis | 1 Icq Web Front | 2025-04-03 | 5.0 MEDIUM | N/A |
| ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). | |||||
| CVE-2005-4829 | 1 Virtuemart | 1 Virtuemart | 2025-04-03 | 10.0 HIGH | N/A |
| VirtueMart before 1.0.1 does not properly handle errors when a user is forbidden to read a requested page, which has unknown impact and remote attack vectors. | |||||
| CVE-2002-1920 | 1 Datawizard | 1 Ftpxq | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial of service (crash) via a MKD command with a long directory name. | |||||
| CVE-2005-3674 | 1 Sun | 1 Solaris | 2025-04-03 | 7.8 HIGH | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2004-1053 | 1 Freebsd | 1 Fetch | 2025-04-03 | 10.0 HIGH | N/A |
| Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow. | |||||
| CVE-2006-4235 | 1 Sony | 1 Sonicstage Mastering Studio | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the import project functionality in Sony SonicStage Mastering Studio 1.1.00 through 2.2.01 allows remote attackers to execute arbitrary code via a crafted SMP file. | |||||
| CVE-2002-0151 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request. | |||||
| CVE-2005-3331 | 1 Rogers Software Source | 1 Mgdiff Patch Viewer | 2025-04-03 | 2.1 LOW | N/A |
| viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2006-4184 | 1 Smartline | 1 Devicelock | 2025-04-03 | 4.9 MEDIUM | N/A |
| SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists (ACL) in raw mode, which allows local users to bypass NTFS controls and obtain sensitive information. | |||||
| CVE-2006-3250 | 1 Microsoft | 1 Windows Live Messenger | 2025-04-03 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user. | |||||
| CVE-2006-3669 | 1 Mercury Messenger | 1 Mercury Messenger | 2025-04-03 | 2.1 LOW | N/A |
| Mercury Messenger, possibly 1.7.1.1 and other versions, when running on a multi-user Mac OS X platform, stores chat logs with world-readable permissions within the /Users directory, which allows local users to read the chat logs from other users. | |||||