Total
29804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0561 | 1 Drummond Miles | 1 A1stats | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1disp4.cgi. | |||||
| CVE-2004-2650 | 1 Apache | 1 James | 2025-04-03 | 4.9 MEDIUM | N/A |
| Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak. | |||||
| CVE-2000-0228 | 1 Microsoft | 1 Windows Media Rights Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability. | |||||
| CVE-2004-1745 | 1 People Can Fly | 1 Painkiller | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password. | |||||
| CVE-2002-2210 | 1 Openoffice | 1 Openoffice | 2025-04-03 | 6.2 MEDIUM | N/A |
| The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file. | |||||
| CVE-2005-1568 | 1 Directtopics | 1 Directtopics | 2025-04-03 | 5.0 MEDIUM | N/A |
| topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message. | |||||
| CVE-2002-0768 | 2 Luke Mewburn, Suse | 2 Lukemftp, Suse Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command. | |||||
| CVE-2006-3045 | 1 Teake Nutma | 1 Foing | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in manage_songs.php in Foing 0.7.0e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter. | |||||
| CVE-2006-0127 | 1 Rockliffe | 1 Mailsite | 2025-04-03 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote authenticated users to rename the folders of other users via a .. (dot dot) in the RENAME command. | |||||
| CVE-2006-1830 | 1 Sun | 1 Java Studio Enterprise | 2025-04-03 | 3.7 LOW | N/A |
| Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable permissions, which allows local users to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2004-0110 | 2 Sgi, Xmlsoft | 3 Propack, Libxml, Libxml2 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. | |||||
| CVE-2002-0658 | 1 Ossp | 1 Mm | 2025-04-03 | 6.2 MEDIUM | N/A |
| OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack. | |||||
| CVE-2006-2921 | 1 Cmpro Team | 1 Clan Manager Pro | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in cmpro_header.inc.php in Clan Manager Pro (CMPRO) 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) cm_ext_server and (2) sitepath parameters. | |||||
| CVE-2004-2170 | 1 Niti Telecom | 1 Caravan Business Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter. | |||||
| CVE-2006-2895 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remote attackers to inject arbitrary HTML and web script via the edit form. | |||||
| CVE-2004-0117 | 1 Microsoft | 6 Netmeeting, Windows 2000, Windows 2003 Server and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-0306 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message. | |||||
| CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in INN inews program. | |||||
| CVE-2004-2615 | 1 Cutephp | 1 Cutenews | 2025-04-03 | 4.6 MEDIUM | N/A |
| The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact. | |||||
| CVE-2006-2073 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. | |||||