Total
29832 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0833 | 1 Webfs | 1 Webfs | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname. | |||||
| CVE-2004-0070 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | |||||
| CVE-2004-0313 | 1 Psoproxy | 1 Psoproxy Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2) method name. | |||||
| CVE-2005-1663 | 1 Jeuce | 1 Jeuce Personal Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Jeuce Personal Web Server 2.13 allows remote attackers to cause a denial of service (server crash) via a GET request beginning with "://". | |||||
| CVE-2000-0770 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 6.4 MEDIUM | N/A |
| IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability. | |||||
| CVE-2006-1361 | 1 Oswiki | 1 Oswiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in OSWiki before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the username field to (1) list.rhtml or (2) show.rhtml. | |||||
| CVE-2006-3903 | 1 Mywebland | 1 Mybloggie | 2025-04-03 | 5.8 MEDIUM | N/A |
| CRLF injection vulnerability in (1) index.php and (2) admin.php in myWebland MyBloggie 2.1.3 allows remote attackers to hijack sessions and conduct cross-site scripting (XSS) attacks via a cookie. | |||||
| CVE-1999-0894 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals. | |||||
| CVE-2005-2433 | 1 Tincan | 1 Phplist | 2025-04-03 | 5.0 MEDIUM | N/A |
| PhpList allows remote attackers to obtain sensitive information via a direct request to (1) about.php, (2) connect.php, (3) domainstats.php or (4) usercheck.php in public_html/lists/admin directory, (5) attributes.php, (6) dbcheck.php, (7) importcsv.php, (8) user.php, (9) usermgt.php, or (10) users.php in admin/commonlib/pages directory, (11) helloworld.php, or (12) sidebar.php in public_html/lists/admin/plugins directory, or (13) main.php in public_html/lists/admin/plugsins/defaultplugin directory, which reveal the path in an error message. | |||||
| CVE-2004-2292 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server. | |||||
| CVE-2001-1344 | 1 Cgicentral | 2 Webstore 400, Webstore 400cs | 2025-04-03 | 7.5 HIGH | N/A |
| WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot). | |||||
| CVE-2001-1013 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server. | |||||
| CVE-2003-1290 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote attackers to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI). | |||||
| CVE-2000-0857 | 1 Sebastian Kienzl | 1 Muh | 2025-04-03 | 7.5 HIGH | N/A |
| The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname. | |||||
| CVE-2006-4822 | 1 Emusoft | 1 Emucms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in eMuSOFT emuCMS 0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) page parameters. | |||||
| CVE-2005-0423 | 1 Aspjar | 1 Aspjar Guestbook | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in login.asp in ASPjar Guestbook allows remote attackers to execute arbitrary SQL commands via the password field. | |||||
| CVE-2005-3875 | 1 Enterprise Heart | 1 Enterprise Connector | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Enterprise Connector 1.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the messageid parameter in (1) send.php or (2) a delete action in messages.php. | |||||
| CVE-2001-1079 | 1 Ibm | 1 Aix | 2025-04-03 | 3.6 LOW | N/A |
| create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. | |||||
| CVE-2005-1279 | 1 Lbl | 1 Tcpdump | 2025-04-03 | 5.0 MEDIUM | N/A |
| tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function. | |||||