Total
29804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1027 | 3 Arjsoftware, Debian, Gentoo | 3 Unarj, Debian Linux, Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. | |||||
| CVE-2004-2268 | 1 Pimentech | 1 Pimengest2 | 2025-04-03 | 5.0 MEDIUM | N/A |
| PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php. | |||||
| CVE-2005-0991 | 1 Ibm | 1 Aix | 2025-04-03 | 2.1 LOW | N/A |
| RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files. | |||||
| CVE-2006-4349 | 1 Toenda Software Development | 1 Toendacms | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in ToendaCMS 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tcms_administer_site parameter to an unspecified script, probably index.php. NOTE: this issue has been disputed by a third party, who states that $tcms_administer_site is initialized to a constant value within index.php | |||||
| CVE-2006-4506 | 1 Netiq | 1 Identity Manager | 2025-04-03 | 3.6 LOW | N/A |
| idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection. | |||||
| CVE-2004-1296 | 1 Gnu | 1 Groff | 2025-04-03 | 2.1 LOW | N/A |
| The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2002-1309 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name. | |||||
| CVE-2001-1373 | 1 Zonelabs | 1 Zonealarm | 2025-04-03 | 5.0 MEDIUM | N/A |
| MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments. | |||||
| CVE-2005-0005 | 6 Debian, Gentoo, Graphicsmagick and 3 more | 6 Debian Linux, Linux, Graphicsmagick and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. | |||||
| CVE-2002-0324 | 1 Noah Gray | 1 Graymatter | 2025-04-03 | 7.5 HIGH | N/A |
| Greymatter 1.21c and earlier with the Bookmarklet feature enabled allows remote attackers to read a cleartext password and gain administrative privileges by guessing the name of a gmrightclick-*.reg file which contains the administrator name and password in cleartext, then retrieving the file from the web server before the Greymatter administrator performs a "Clear And Exit" action. | |||||
| CVE-2005-3124 | 1 Acme Labs | 1 Thttpd | 2025-04-03 | 2.1 LOW | N/A |
| syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2002-0950 | 1 Transware | 1 Active Mail | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered. | |||||
| CVE-2004-1206 | 1 Pntresmailer | 1 Pntresmailer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in codebrowserpntm.php in pnTresMailer 6.0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the filetodownload parameter. | |||||
| CVE-2005-3960 | 1 Kadu | 1 Kadu | 2025-04-03 | 7.8 HIGH | N/A |
| Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of service (crash or generated traffic) via a malformed message, possibly with incomplete information. | |||||
| CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | |||||
| CVE-2005-1349 | 1 Perl | 1 Convert Uulib | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation. | |||||
| CVE-2004-0186 | 2 Linux, Samba | 2 Linux Kernel, Samba | 2025-04-03 | 7.2 HIGH | N/A |
| smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | |||||
| CVE-2001-1284 | 1 Ipswitch | 1 Imail | 2025-04-03 | 7.5 HIGH | N/A |
| Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. | |||||
| CVE-2004-1913 | 2 Francisco Burzi, Shiba-design | 2 Php-nuke, Nukecalendar | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to inject arbitrary web script or HTML via the eid parameter. | |||||
| CVE-2006-0387 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. | |||||