Total
29576 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0518 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. | |||||
| CVE-2005-3475 | 1 Hasbani Web Server | 1 Hasbani Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a denial of service (infinite loop) via HTTP crafted GET requests. | |||||
| CVE-1999-0212 | 1 Sun | 1 Sunos | 2025-04-03 | 7.8 HIGH | N/A |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. | |||||
| CVE-2004-1904 | 1 Panda | 1 Activescan | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Internacional property followed by a long string. | |||||
| CVE-2006-2075 | 1 Don Moore | 1 Mydns | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to cause a denial of service via a crafted DNS message, aka "Query-of-death," as demonstrated by the OUSPG PROTOS DNS test suite. | |||||
| CVE-2006-3385 | 1 Vincent Leclercq | 1 News | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) id and (2) disabled parameters. | |||||
| CVE-2002-2201 | 1 Webmin | 1 Webmin | 2025-04-03 | 10.0 HIGH | N/A |
| The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the printer name. | |||||
| CVE-2004-0539 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 10.0 HIGH | N/A |
| The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code. | |||||
| CVE-2005-4171 | 1 Efiction Project | 1 Efiction | 2025-04-03 | 7.5 HIGH | N/A |
| The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes the image validity check but executes any PHP code within the file. | |||||
| CVE-2002-0403 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop. | |||||
| CVE-2004-2312 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. | |||||
| CVE-2006-2102 | 1 Poweriso | 1 Poweriso | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in PowerISO 2.9 allows remote attackers to write arbitrary files via a .. (dot dot) in a filename in an ISO image. | |||||
| CVE-2002-2175 | 1 Php | 1 Phpsquidpass | 2025-04-03 | 4.0 MEDIUM | N/A |
| phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username. | |||||
| CVE-2004-2209 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-4083 | 1 Phpbb Styles | 1 Extreme Styles Phpbb Module | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in xs_edit.php in the eXtreme Styles phpBB module 2.2.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the edit parameter. | |||||
| CVE-2006-2189 | 1 Servous | 1 Sblog | 2025-04-03 | 10.0 HIGH | N/A |
| SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: this issue can be used to trigger path disclosure. In addition, it might be primary to vector 1 in CVE-2006-1135. | |||||
| CVE-2006-3813 | 1 Redhat | 1 Enterprise Linux | 2025-04-03 | 2.1 LOW | N/A |
| A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information. | |||||
| CVE-2003-0342 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges. | |||||
| CVE-2000-0661 | 1 Wircsrv | 1 Irc Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to the server port. | |||||
| CVE-2004-2264 | 1 Gnu | 1 Less | 2025-04-03 | 6.4 MEDIUM | N/A |
| Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed | |||||