Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0312 | 1 War Ftp Daemon | 1 War Ftp Daemon | 2025-04-03 | 2.1 LOW | N/A |
| WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string vulnerability. | |||||
| CVE-2005-1870 | 1 Popper | 1 Popper | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via the form parameter. | |||||
| CVE-2005-1211 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file. | |||||
| CVE-2005-3636 | 1 Sap | 1 Sap Web Application Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SAP Web Application Server (WAS) 6.10 allows remote attackers to inject arbitrary web script or HTML via Error Pages. | |||||
| CVE-2003-1128 | 1 X2 Studios | 1 Xmms Remote | 2025-04-03 | 7.5 HIGH | N/A |
| XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086. | |||||
| CVE-2006-3928 | 1 Mikael Software | 1 Wmnews | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in WMNews 0.2a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_datapath parameter. | |||||
| CVE-1999-1103 | 1 Digital | 1 Osf 1 | 2025-04-03 | 4.6 MEDIUM | N/A |
| dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. | |||||
| CVE-2002-2032 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php. | |||||
| CVE-2000-0835 | 1 Sambar | 1 Sambar Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter. | |||||
| CVE-2000-0996 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell. | |||||
| CVE-1999-1463 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session. | |||||
| CVE-2006-2109 | 1 Jsboard | 1 Jsboard | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the parse_query_str function in include/print.php in JSBoard 2.0.10 and 2.0.11, and possibly other versions before 2.0.12, allows remote attackers to inject arbitrary web script or HTML via parameters that are set as global variables within the program, as demonstrated using the table parameter to login.php. | |||||
| CVE-2005-2252 | 1 Gianluca Baldo | 1 Phpauction | 2025-04-03 | 7.5 HIGH | N/A |
| PhpAuction 2.5 allows remote attackers to bypass authentication and gain privileges as another user by setting the PHPAUCTION_RM_ID cookie to the user ID. | |||||
| CVE-2003-0465 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
| The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks. | |||||
| CVE-2006-3154 | 1 Thinkfactory | 1 Ultimate Estate | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.pl in Ultimate Estate 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2004-1807 | 1 Dogpatch Software | 1 Cfwebstore | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
| CVE-2005-0905 | 1 Maxthon | 1 Maxthon | 2025-04-03 | 2.6 LOW | N/A |
| Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property. | |||||
| CVE-2006-3080 | 1 Axent | 1 Axentforum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in viewposts.cfm in aXentForum II and earlier allows remote attackers to inject arbitrary web script or HTML via the startrow parameter. | |||||
| CVE-2006-3386 | 1 Vincent Leclercq | 1 News | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such as the installation path, via a mail[] parameter with invalid values. | |||||
| CVE-2001-0628 | 1 Microsoft | 1 Word | 2025-04-03 | 7.2 HIGH | N/A |
| Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros, which allows a local attacker to execute arbitrary macros with the user ID of the Word user. | |||||