Total
29827 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1319 | 1 Runit | 1 Runit | 2025-04-03 | 6.2 MEDIUM | N/A |
| chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for the gid_t type. | |||||
| CVE-2003-0314 | 1 Snowblind.net | 1 Snowblind Web Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "</" sequence. | |||||
| CVE-1999-1328 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack. | |||||
| CVE-2006-3260 | 1 Virtual Design Studios | 1 Vlbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-1999-1556 | 1 Microsoft | 1 Sql Server | 2025-04-03 | 7.2 HIGH | N/A |
| Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value. | |||||
| CVE-2006-0466 | 1 Goldstag | 1 Goldstag Content Management System | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in Goldstag Content Management System allows remote attackers to inject arbitrary web script or HTML via the text parameter. | |||||
| CVE-2002-0941 | 1 Ncipher | 2 Nforce, Nshield | 2025-04-03 | 4.6 MEDIUM | N/A |
| The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges. | |||||
| CVE-1999-0129 | 7 Bsdi, Eric Allman, Freebsd and 4 more | 9 Bsd Os, Sendmail, Freebsd and 6 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | |||||
| CVE-2005-1851 | 1 Ekg | 1 Ekg | 2025-04-03 | 10.0 HIGH | N/A |
| A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors. | |||||
| CVE-2000-0299 | 1 Apple | 1 Webobjects | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept. | |||||
| CVE-2002-1519 | 2 Rapidstream, Watchguard | 2 Rapidstream, Firebox | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password parameter. | |||||
| CVE-2006-4205 | 1 Webdynamite | 1 Projectbutler | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WebDynamite ProjectButler 0.8.4 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to /classes/ scripts including (1) Cache.class.php, (2) Customer.class.php, (3) Performance.class.php, (4) Project.class.php, (5) Representative.class.php, (6) User.class.php, or (7) common.php. | |||||
| CVE-2005-0521 | 1 Sendlink | 1 Sendlink | 2025-04-03 | 2.1 LOW | N/A |
| SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privileges. | |||||
| CVE-2003-0211 | 1 Xinetd | 1 Xinetd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections. | |||||
| CVE-2006-0436 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2005-2988 | 1 Hp | 1 Laserjet 2430 | 2025-04-03 | 5.0 MEDIUM | N/A |
| HP LaserJet 2430, and possibly other printers that use Jetdirect controls, stores information about recently printed documents without proper protection, which could allow remote attackers to obtain sensitive information via SNMP. | |||||
| CVE-2006-4197 | 1 Musicbrainz | 2 Libmusicbrainz, Libmusicbrainz Svn | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c. | |||||
| CVE-2006-1107 | 1 Nmdeluxe | 1 Nmdeluxe | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in news.php in NMDeluxe before 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the nick parameter. | |||||
| CVE-2000-0242 | 1 Geocel | 1 Windmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| WindMail allows remote attackers to read arbitrary files or execute commands via shell metacharacters. | |||||
| CVE-2006-1520 | 1 Libspf | 1 Libspf | 2025-04-03 | 6.4 MEDIUM | N/A |
| Format string vulnerability in ANSI C Sender Policy Framework library (libspf) before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address. | |||||