Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0381 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 2.1 LOW | N/A |
| mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | |||||
| CVE-2002-1828 | 1 Savant | 1 Savant Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value. | |||||
| CVE-2003-0203 | 2 Moxftp, Xftp | 2 Moxftp, Xftp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner. | |||||
| CVE-2006-4108 | 1 Drupal | 1 Bibliography Module | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7 before revision 1.13.2.5 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2006-2295 | 1 Timobraun | 1 Dynamic Galerie | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php. | |||||
| CVE-1999-0313 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. | |||||
| CVE-2005-0640 | 1 Broadcom | 1 Unicenter Asset Management | 2025-04-03 | 4.6 MEDIUM | N/A |
| Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods. | |||||
| CVE-2004-2681 | 1 Peersec Networks | 1 Matrixssl | 2025-04-03 | 7.5 HIGH | N/A |
| PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely long time, which might make it easier for remote attackers to hijack a session. | |||||
| CVE-2005-1197 | 1 Oracle | 1 Database Server | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter. | |||||
| CVE-2006-1084 | 1 Php-stats | 1 Php-stats | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHP-Stats 0.1.9.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the option[prefix] parameter in admin.php and other unspecified PHP scripts, and (2) the PC_REMOTE_ADDR HTTP header to click.php. | |||||
| CVE-2000-0456 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
| NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog". | |||||
| CVE-2000-1137 | 1 Gnu | 1 Ed | 2025-04-03 | 4.6 MEDIUM | N/A |
| GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | |||||
| CVE-2002-0924 | 1 Cgiscript.net | 1 Csnews | 2025-04-03 | 7.5 HIGH | N/A |
| CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability. | |||||
| CVE-2004-0603 | 1 Gnu | 1 Gzip | 2025-04-03 | 10.0 HIGH | N/A |
| gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332. | |||||
| CVE-2006-2460 | 1 Sugarcrm | 1 Sugarcrm | 2025-04-03 | 6.4 MEDIUM | N/A |
| Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_globals is enabled, does not protect critical variables such as $_GLOBALS and $_SESSION from modification, which allows remote attackers to conduct attacks such as directory traversal or PHP remote file inclusion, as demonstrated by modifying the GLOBALS[sugarEntry] parameter. | |||||
| CVE-2005-1093 | 1 Popup Plus Plugin | 1 Popup Plus Plugin For Miranda Im | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code. | |||||
| CVE-2003-0745 | 1 Castle Rock Computing | 1 Snmpc | 2025-04-03 | 10.0 HIGH | N/A |
| SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server. | |||||
| CVE-2001-1398 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
| Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability. | |||||
| CVE-1999-1035 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | |||||
| CVE-2001-0891 | 2 Cray, Sgi | 2 Unicos, Nqsdaemon | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters. | |||||