Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1761 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) via a malformed color filter file. | |||||
| CVE-2002-0961 | 1 Voxel | 1 Cbms | 2025-04-03 | 7.5 HIGH | N/A |
| Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection attack. | |||||
| CVE-2004-2427 | 1 Axis | 14 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 11 more | 2025-04-03 | 10.0 HIGH | N/A |
| Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to (1) admin/getparam.cgi, (2) admin/systemlog.cgi, (3) admin/serverreport.cgi, and (4) admin/paramlist.cgi, modify system information via (5) setparam.cgi and (6) factorydefault.cgi, or (7) cause a denial of service (reboot) via restart.cgi. | |||||
| CVE-2000-0362 | 1 Suse | 1 Suse Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. | |||||
| CVE-2006-0296 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-03 | 5.0 MEDIUM | N/A |
| The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file. | |||||
| CVE-2002-1470 | 1 Nullsoft | 1 Shoutcast Server | 2025-04-03 | 2.1 LOW | N/A |
| SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file. | |||||
| CVE-2006-0892 | 1 Nocc | 1 Nocc | 2025-04-03 | 7.5 HIGH | N/A |
| NOCC Webmail 1.0 stores e-mail attachments in temporary files with predictable filenames, which makes it easier for remote attackers to execute arbitrary code by accessing the e-mail attachment via directory traversal vulnerabilities. | |||||
| CVE-2006-3265 | 1 Qdig | 1 Qdig | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters. | |||||
| CVE-2000-0473 | 1 Analogx | 1 Simpleserver Www | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker to cause a denial of service via a long GET request for a program in the cgi-bin directory. | |||||
| CVE-2005-2074 | 1 Php Fusion | 1 Php Fusion | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.0.105 allows remote attackers to inject arbitrary web script or HTML via a news or article post, possibly involving the (1) news_body, (2) article_description, or (3) article_body parameters to submit.php. | |||||
| CVE-2004-1869 | 1 Nival Interactive | 2 Etherlords, Etherlords Ii | 2025-04-03 | 5.0 MEDIUM | N/A |
| Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier allows remote attackers to cause a denial of service (crash) by sending a packet that specifies the size for the next packet, then sending a larger packet than specified, which causes Etherlords to read unallocated memory. | |||||
| CVE-2002-0510 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A |
| The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. | |||||
| CVE-2005-0141 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 2.6 LOW | N/A |
| Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab. | |||||
| CVE-2001-0464 | 1 Crosswind | 1 Cyberscheduler | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter. | |||||
| CVE-2000-1004 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters. | |||||
| CVE-2005-4174 | 1 Efiction Project | 1 Efiction | 2025-04-03 | 7.5 HIGH | N/A |
| eFiction 1.0, 1.1, and 2.0, in unspecified environments, might allow remote attackers to conduct unauthorized operations by directly accessing (1) install.php or (2) upgrade.php. NOTE: it is unclear whether this is a vulnerability in eFiction itself or the result of incorrect system administration practices, e.g. by not removing utility scripts once they have been used. | |||||
| CVE-2000-0990 | 1 Krzysztof Dabrowski | 1 Cmd5checkpw | 2025-04-03 | 7.5 HIGH | N/A |
| cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username. | |||||
| CVE-2006-1971 | 1 Krankikom | 1 Contentboxx | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ContentBoxX allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2003-0021 | 1 Michael Jennings | 1 Eterm | 2025-04-03 | 5.0 MEDIUM | N/A |
| The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. | |||||
| CVE-2005-0368 | 1 Chipmunk Scripts | 1 Cmscore | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php. | |||||