Total: 29575 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0829 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | |||||
CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2025-04-03 | 7.5 HIGH | N/A |
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | |||||
CVE-2005-1746 | 2 Bea, Oracle | 2 Weblogic Server, Weblogic Portal | 2025-04-03 | 5.0 MEDIUM | N/A |
The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote attackers to cause a denial of service (cluster slowdown) via modified cookies. | |||||
CVE-2005-2603 | 1 My Image Gallery | 1 My Image Gallery | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters. | |||||
CVE-2006-4970 | 1 Wahm E-commerce | 1 Pie Cart Pro | 2025-04-03 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in enc/content.php in WAHM E-Commerce Pie Cart Pro allows remote attackers to execute arbitrary PHP code via a URL in the Home_Path parameter. | |||||
CVE-2005-4623 | 1 Efilego | 1 Efilego | 2025-04-03 | 5.0 MEDIUM | N/A |
upload.exe in eFileGo 3.01 allows remote attackers to cause a denial of service (CPU consumption) via an argument with an invalid directory name. | |||||
CVE-2004-0664 | 1 Powerportal | 1 Powerportal | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directories via a .. (dot dot) in the files parameter. | |||||
CVE-2002-1825 | 1 Wasd | 1 Wasd Http Server | 2025-04-03 | 6.4 MEDIUM | N/A |
Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 allows remote attackers to execute arbitrary commands or crash the server via format strings in the $name variable. | |||||
CVE-2004-0686 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | |||||
CVE-2006-0567 | 1 Curtis Farnham | 1 Files Xaraya Module | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Files Xaraya module before 0.5.1, when the Archive Directory field on the Modify Config page is blank, allows remote attackers to access files outside of the web root via ".." (dot dot) sequences. | |||||
CVE-2000-0554 | 1 Lilikoi | 1 Ceilidh | 2025-04-03 | 5.0 MEDIUM | N/A |
Ceilidh allows remote attackers to obtain the real path of the Ceilidh directory via the translated_path hidden form field. | |||||
CVE-2005-1490 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2025-04-03 | 2.1 LOW | N/A |
Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the mailbox.dat file does not exist, allows remote authenticated users to determine if a file exists via the folder parameter to attachment.html. | |||||
CVE-2004-1544 | 1 Jspwiki | 1 Jspwiki | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and earlier allows remote attackers to execute arbitrary web script as other users via the query parameter. | |||||
CVE-2006-4382 | 1 Apple | 1 Quicktime | 2025-04-03 | 5.1 MEDIUM | N/A |
Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie. | |||||
CVE-2006-4139 | 1 Sun | 1 Solaris | 2025-04-03 | 5.4 MEDIUM | N/A |
Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via unspecified vectors related to ifconfig and either netstat or SNMP queries. | |||||
CVE-2002-1762 | 1 Microsoft | 1 Baseline Security Analyzer | 2025-04-03 | 5.0 MEDIUM | N/A |
Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans in a known location C:\Documents and Settings\username\SecurityScans in plaintext, which could allow remote attackers to obtain sensitive information about the system via malicious active content such as ActiveX controls or Java. | |||||
CVE-1999-1503 | 1 Nfr | 1 Nfr | 2025-04-03 | 5.0 MEDIUM | N/A |
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field. | |||||
CVE-1999-0068 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
CGI PHP mylog script allows an attacker to read any file on the target server. | |||||
CVE-2001-1234 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 7.5 HIGH | N/A |
Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. | |||||
CVE-2006-2861 | 1 Particle Soft | 1 Particle Wiki | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. |