Total
29817 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1780 | 1 Alcatech Gmbh | 1 Bpm Studio Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
| BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves. | |||||
| CVE-2003-0846 | 1 Suse | 1 Suse Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. | |||||
| CVE-2004-0608 | 10 Arush, Dreamforge, Epic Games and 7 more | 14 Devastation, Tnn Outdoors Pro Hunter, Unreal Engine and 11 more | 2025-04-03 | 10.0 HIGH | N/A |
| The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory. | |||||
| CVE-2006-4444 | 1 Cybozu | 1 Garoon | 2025-04-03 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Cybozu Garoon 2.1.0 for Windows allow remote authenticated users to execute arbitrary SQL commands via the (1) tid parameter in the (a) todo/view (aka TODO List View), (b) todo/modify (aka TODO List Modify), or (c) todo/delete functionality; the (2) pid parameter in the (d) workflow/view or (e) workflow/print functionality; the (3) uid parameter in the (f) schedule/user_view, (g) phonemessage/add, (h) phonemessage/history, or (i) schedule/view functionality; the (4) cid parameter in (j) todo/index; the (5) iid parameter in the (k) memo/view or (l) memo/print functionality; or the (6) event parameter in the (m) schedule/view functionality. | |||||
| CVE-2005-3949 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) startid parameter to activity_log.php, (2) startid parameter to admin_handler.php, (3) template parameter to edit_template.php, and (4) multiple parameters to export_handler.php. | |||||
| CVE-2002-1515 | 1 Coolforum | 1 Coolforum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to read arbitrary files via .. (dot dot) sequences in the img parameter. | |||||
| CVE-2001-0058 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. | |||||
| CVE-2002-1498 | 1 Trevor Lee | 1 Swserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in SWServer 2.2 and earlier allows remote attackers to read arbitrary files via a URL containing .. sequences with "/" or "\" characters. | |||||
| CVE-2001-1215 | 1 Michael Baumer | 1 Pfinger | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file. | |||||
| CVE-2000-0523 | 1 Etype | 1 Eserv | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command. | |||||
| CVE-2003-0521 | 1 Cpanel | 1 Cpanel | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens. | |||||
| CVE-2000-1048 | 1 Qbik | 1 Wingate | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL. | |||||
| CVE-2004-2016 | 1 Netchat | 1 Subnet Chat Application | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earlier allows remote attackers to execute arbitrary code via a long GET request. | |||||
| CVE-2000-0131 | 1 Jgaa | 1 Warftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. | |||||
| CVE-2006-1262 | 1 Aspportal | 1 Aspportal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors. | |||||
| CVE-2003-0901 | 1 Postgresql | 1 Postgresql | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code. | |||||
| CVE-2006-1019 | 1 Ukiweb | 1 Ukiboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in fce.php in UKiBoard 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a BBCode url tag when using the show_post function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information, some of which reference a source URL that appears to be for an unrelated issue. | |||||
| CVE-2002-1617 | 1 Hp | 1 Tru64 | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm. | |||||
| CVE-2000-0055 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. | |||||
| CVE-2005-0182 | 1 Mod Dosevasive | 1 Mod Dosevasive | 2025-04-03 | 5.0 MEDIUM | N/A |
| The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack. | |||||