Total
29807 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2228 | 1 Bdc Enterprises | 1 Web Wiz Forums | 2025-04-03 | 5.0 MEDIUM | N/A |
| Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message titles of a hidden forum. | |||||
| CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 9 Enterprise Linux, Linux Advanced Workstation, Safe.pm and 6 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | |||||
| CVE-2005-3405 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | 7.5 HIGH | N/A |
| ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbitrary PHP functions via a direct request to forum.inc.php with a modified addslashes parameter with either the (1) asc or (2) desc parameters set, possibly due to an eval injection vulnerability. | |||||
| CVE-2002-1687 | 1 Ibm | 1 Aix | 2025-04-03 | 2.1 LOW | N/A |
| Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable. | |||||
| CVE-2006-2005 | 1 Clansys | 1 Clansys | 2025-04-03 | 7.5 HIGH | N/A |
| Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this issue has been described as file inclusion by some sources, but that is just one attack; the primary vulnerability is eval injection. | |||||
| CVE-1999-0091 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in AIX writesrv command allows local users to obtain root access. | |||||
| CVE-2005-4152 | 1 Soti | 1 Pocket Controller-professional | 2025-04-03 | 7.8 HIGH | N/A |
| Soti Pocket Controller-Professional 5.0 allows remote attackers to turn off, reboot, or hard reset a PDA via a series of initialization, command, and reset packets sent to port 5492. | |||||
| CVE-2004-2611 | 1 Steven Schaefer | 1 Sophster | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and (3) sticky bits when changing a file, which might allow attackers to gain privileges or conduct other unauthorized activities. | |||||
| CVE-2005-3660 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference. | |||||
| CVE-1999-1221 | 1 Digital | 1 Unix | 2025-04-03 | 2.1 LOW | N/A |
| dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file. | |||||
| CVE-2002-1658 | 1 Apache | 1 Http Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability. | |||||
| CVE-2005-4448 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | 10.0 HIGH | N/A |
| FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie. | |||||
| CVE-2006-1689 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access. | |||||
| CVE-2005-0340 | 1 Apple | 1 Afp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer signedness error in Apple File Service (AFP Server) allows remote attackers to cause a denial of service (application crash) via a negative UAM string length in a FPLoginExt packet. | |||||
| CVE-2006-2222 | 1 Norz | 1 Zawhttpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in zawhttpd 0.8.23, and possibly previous versions, allows remote attackers to cause a denial of service (daemon crash) via a request for a URI composed of several "\" (backslash) characters. | |||||
| CVE-2006-2232 | 1 Scriptsez | 1 Cute Guestbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook 20060211 allows remote attackers to inject arbitrary web script or HTML via the Comments field when signing the guestbook. | |||||
| CVE-2006-0555 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O). | |||||
| CVE-2001-0245 | 1 Microsoft | 2 Index Server, Indexing Service | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability. | |||||
| CVE-2005-3116 | 1 Symantec Veritas | 1 Netbackup | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. | |||||
| CVE-2000-0963 | 4 Freebsd, Gnu, Immunix and 1 more | 4 Freebsd, Ncurses, Immunix and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. | |||||