Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2175 | 1 Php | 1 Phpsquidpass | 2025-04-03 | 4.0 MEDIUM | N/A |
| phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username. | |||||
| CVE-2004-2209 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-4083 | 1 Phpbb Styles | 1 Extreme Styles Phpbb Module | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in xs_edit.php in the eXtreme Styles phpBB module 2.2.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the edit parameter. | |||||
| CVE-2006-2189 | 1 Servous | 1 Sblog | 2025-04-03 | 10.0 HIGH | N/A |
| SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: this issue can be used to trigger path disclosure. In addition, it might be primary to vector 1 in CVE-2006-1135. | |||||
| CVE-2006-3813 | 1 Redhat | 1 Enterprise Linux | 2025-04-03 | 2.1 LOW | N/A |
| A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information. | |||||
| CVE-2003-0342 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges. | |||||
| CVE-2000-0661 | 1 Wircsrv | 1 Irc Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to the server port. | |||||
| CVE-2004-2264 | 1 Gnu | 1 Less | 2025-04-03 | 6.4 MEDIUM | N/A |
| Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed | |||||
| CVE-2004-0567 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." | |||||
| CVE-1999-1447 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | |||||
| CVE-2006-1055 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read. | |||||
| CVE-2002-1123 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow. | |||||
| CVE-1999-1022 | 1 Sgi | 1 Irix | 2025-04-03 | 6.2 MEDIUM | N/A |
| serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. | |||||
| CVE-2003-0061 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. | |||||
| CVE-2006-2947 | 1 Dmx Forum | 1 Dmx Forum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter. | |||||
| CVE-2004-0295 | 1 Transsoft | 1 Broker Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a denial of service (CPU consumption) via an open idle connection. | |||||
| CVE-2000-1030 | 1 Csandt | 1 Corporatetime For The Web | 2025-04-03 | 5.0 MEDIUM | N/A |
| CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server. | |||||
| CVE-2005-1430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 3.6 LOW | N/A |
| Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. | |||||
| CVE-2003-0209 | 2 Smoothwall, Sourcefire | 2 Smoothwall, Snort | 2025-04-03 | 10.0 HIGH | N/A |
| Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow. | |||||
| CVE-1999-1244 | 1 Darren Reed | 1 Ipfilter | 2025-04-03 | 7.2 HIGH | N/A |
| IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file. | |||||