Total
29818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1642 | 1 Woltlab | 1 Burning Board | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute arbitrary SQL commands via the $email variable. | |||||
| CVE-2005-3953 | 1 Bedeng Psp | 1 Bedeng Psp | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php, or (3) ckode parameter to baca.php. | |||||
| CVE-2006-4548 | 1 E107 | 1 E107 | 2025-04-03 | 7.5 HIGH | N/A |
| e107 0.75 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code via the tinyMCE_imglib_include image/jpeg parameter in e107_handlers/tiny_mce/plugins/ibrowser/ibrowser.php, as demonstrated by a multipart/form-data request. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in e107. | |||||
| CVE-2002-1609 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | |||||
| CVE-2001-0287 | 1 Symantec Veritas | 1 Cluster Server | 2025-04-03 | 2.1 LOW | N/A |
| VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command. | |||||
| CVE-2006-2919 | 1 Microsoft | 1 Netmeeting | 2025-04-03 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote attackers to cause a denial of service (crash or CPU consumption) and possibly execute arbitrary code via crafted inputs that trigger memory corruption. | |||||
| CVE-2005-1660 | 1 Htmljunction | 1 Ezguestbook | 2025-04-03 | 7.5 HIGH | N/A |
| HTMLJunction EZGuestbook stores the guestbook.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the administrative password. | |||||
| CVE-2004-0560 | 1 University Of Minnesota | 1 Gopherd | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted content of a certain size that triggers the overflow. | |||||
| CVE-2006-4124 | 1 Lesstif | 1 Lesstif | 2025-04-03 | 4.6 MEDIUM | N/A |
| The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program. | |||||
| CVE-2001-0471 | 1 Ssh | 1 Ssh | 2025-04-03 | 7.5 HIGH | N/A |
| SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack. | |||||
| CVE-2005-1649 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 5.0 MEDIUM | N/A |
| The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016). | |||||
| CVE-2006-0643 | 1 Wiredred | 1 E Pop Web Conferencing | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote authenticated users to inject arbitrary web script or HTML via the topic name of a conference. | |||||
| CVE-2000-0991 | 1 Hilgraeve | 1 Hyperterminal | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ME, and 2000 allows remote attackers to execute arbitrary commands via a long telnet URL, aka the "HyperTerminal Buffer Overflow" vulnerability. | |||||
| CVE-2006-4005 | 1 Bomberclone | 1 Bomberclone | 2025-04-03 | 5.0 MEDIUM | N/A |
| BomberClone 0.11.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via (1) a certain malformed PKGF_ackreq packet, which triggers a crash in the rscache_add() function in pkgcache.c; and (2) an error packet, which is intended to be received by clients and force client shutdown, but also triggers server shutdown. | |||||
| CVE-2005-0869 | 1 Phpsysinfo | 1 Phpsysinfo | 2025-04-03 | 5.0 MEDIUM | N/A |
| phpSysInfo 2.3 allows remote attackers to obtain sensitive information via a direct request to (1) class.OpenBSD.inc.php, (2) class.NetBSD.inc.php, (3) class.FreeBSD.inc.php, (4) class.Darwin.inc.php, (5) XPath.class.php, (6) system_header.php, or (7) system_footer.php, which reveal the path in a PHP error message. | |||||
| CVE-2005-2081 | 1 Digium | 1 Asterisk | 2025-04-03 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character. | |||||
| CVE-2004-0724 | 1 Valve Software | 2 Half-life, Half-life Dedicated Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) via an empty fragmented packet. | |||||
| CVE-2001-0599 | 1 Sybase | 1 Adaptive Server Anywhere | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638. | |||||
| CVE-1999-1560 | 1 Tamu | 1 Tiger | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root. | |||||
| CVE-2006-3485 | 1 Astrodog Press | 1 Some Chess | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in AstroDog Press Some Chess 1.5-RC2 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly including the gameID parameter in board.php. | |||||