Total
29811 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2140 | 1 Fsboard | 1 Fsboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in default.asp for FSboard 2.0 allows remote attackers to read arbitrary files via ".." sequences in the filename parameter. | |||||
| CVE-1999-0188 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| The passwd command in Solaris can be subjected to a denial of service. | |||||
| CVE-2005-0404 | 2 Kde, Kmail | 2 Kde, Kmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email. | |||||
| CVE-2005-2038 | 1 Fortibus | 1 Fortibus Cms | 2025-04-03 | 5.0 MEDIUM | N/A |
| Fortibus CMS 4.0.0 allows remote attackers to modify information of other users, including Admin, via the "My info" page. | |||||
| CVE-2004-0870 | 1 Kde | 1 Konqueror | 2025-04-03 | 5.0 MEDIUM | N/A |
| KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | |||||
| CVE-2005-0033 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. | |||||
| CVE-1999-1376 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands. | |||||
| CVE-2002-0352 | 1 Phorum | 1 Phorum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication. | |||||
| CVE-2004-0298 | 1 Aclogic | 1 Cesarftp | 2025-04-03 | 5.0 MEDIUM | N/A |
| CesarFTP 0.99e allows remote attackers to cause a denial of service (CPU consumption) via a long RETR parameter. | |||||
| CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | |||||
| CVE-2005-3805 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers. | |||||
| CVE-2006-2370 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." | |||||
| CVE-2005-1049 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) module parameter to admin.php or (2) op parameter to user.php. NOTE: the vendor reports that certain issues could not be reproduced for 760 RC3, or for .750. However, the op/user.php issue exists when the pnAntiCracker setting is disabled. | |||||
| CVE-2004-1987 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to execute arbitrary commands via shell metacharacters in the (1) $CONFIG['impath'] or (2) $CONFIG['jpeg_qual'] parameters. | |||||
| CVE-2004-2357 | 1 Proofpoint | 1 Proofpoint Protection Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database. | |||||
| CVE-2006-0640 | 1 Orbicule | 1 Undercover | 2025-04-03 | 2.1 LOW | N/A |
| Orbicule Undercover allows attackers with physical or root access to disable the protection by using the chmod command to change the permissions of the /private/etc/uc.app/Contents/MacOS/uc file, which prevents the service from being started in LaunchDaemon. | |||||
| CVE-2001-0414 | 1 Dave Mills | 2 Ntpd, Xntp3 | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument. | |||||
| CVE-2006-0294 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-03 | 7.5 HIGH | N/A |
| Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory. | |||||
| CVE-2000-0562 | 1 Iss | 2 Blackice Agent, Blackice Defender | 2025-04-03 | 7.5 HIGH | N/A |
| BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. | |||||
| CVE-2001-0588 | 1 Sco | 1 Openserver | 2025-04-03 | 4.6 MEDIUM | N/A |
| sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | |||||