Total
29827 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2633 | 1 Phptb | 1 Topic Boards | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter. | |||||
| CVE-2005-0774 | 1 Photopost | 1 Photopost Php Pro | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in member.php and possibly other scripts in PhotoPost PHP 5.0 RC3 allows remote attackers to execute arbitrary SQL commands via the uid parameter. | |||||
| CVE-2003-1183 | 1 Oracle | 1 Oracle Files | 2025-04-03 | 4.6 MEDIUM | N/A |
| The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access. | |||||
| CVE-2000-0006 | 2 Linux, Paul Kranenburg | 2 Linux Kernel, Strace | 2025-04-03 | 2.6 LOW | N/A |
| strace allows local users to read arbitrary files via memory mapped file names. | |||||
| CVE-2006-3682 | 1 Awstats | 1 Awstats | 2025-04-03 | 5.0 MEDIUM | N/A |
| awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation path via the (1) year, (2) pluginmode or (3) month parameters. | |||||
| CVE-2001-1069 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 7.2 HIGH | N/A |
| libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. | |||||
| CVE-2001-0835 | 1 Bradford Barrett | 1 Webalizer | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retrieved via a reverse DNS lookup. | |||||
| CVE-2005-0547 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files." | |||||
| CVE-2005-2431 | 1 Gforge | 1 Gforge | 2025-04-03 | 5.0 MEDIUM | N/A |
| The (1) lost password and (2) account pending features in GForge 4.5 do not properly set a limit on the number of e-mails sent to an e-mail address, which allows remote attackers to send a large number of messages to arbitrary e-mail addresses (aka mail bomb). | |||||
| CVE-2005-1732 | 1 Metro Marketing | 1 Cookie Cart | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path parameters to testmy.cgi. | |||||
| CVE-2005-1164 | 1 Yager Development | 1 Yager Game | 2025-04-03 | 5.0 MEDIUM | N/A |
| Yager 5.24 and earlier allows remote attackers to cause a denial of service (application hang) via a packet with a game header that provides less data than indicated by the length. | |||||
| CVE-2004-0994 | 2 Debian, Zgv | 3 Debian Linux, Xzgv Image Viewer, Zgv Image Viewer | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct. | |||||
| CVE-2000-1042 | 1 Mandrakesoft | 1 Mandrake Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | |||||
| CVE-2006-0856 | 1 Scriptme | 1 Sme Gb Host | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Scriptme SmE GB Host 1.21 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the Username parameter. | |||||
| CVE-2000-1115 | 1 Software602 | 1 602pro Lan Suite | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
| CVE-2004-1561 | 1 Icecast | 1 Icecast | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers. | |||||
| CVE-2004-0390 | 1 Sco | 1 Openserver | 2025-04-03 | 7.5 HIGH | N/A |
| SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. | |||||
| CVE-2004-0277 | 1 Bolintech | 1 Dream Ftp Server | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username. | |||||
| CVE-2006-1201 | 1 Eschew.net | 1 Phpbannerexchange | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in resetpw.php in eschew.net phpBannerExchange 2.0 and earlier, and other versions before 2.0 Update 5, allows remote attackers to read arbitrary files via a .. (dot dot) in the email parameter during a "Recover password" operation (recoverpw.php). | |||||
| CVE-1999-0054 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sun's ftpd daemon can be subjected to a denial of service. | |||||