Total
29562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0500 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing. | |||||
| CVE-2004-0096 | 1 Apache | 1 Mod Python | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973. | |||||
| CVE-2005-1262 | 1 Rob Flynn | 1 Gaim | 2025-04-03 | 5.0 MEDIUM | N/A |
| Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message. | |||||
| CVE-1999-0736 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
| CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | |||||
| CVE-2006-1562 | 1 Vscripts | 1 Vbook | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat, and (4) tresc parameters. | |||||
| CVE-2006-0817 | 3 Deerfield, Icewarp, Merak | 3 Visnetic Mail Server, Web Mail, Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Absolute path directory traversal vulnerability in (a) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (b) VisNetic MailServer before 8.5.0.5 allows remote attackers to include arbitrary files via a full Windows path and drive letter in the (1) language parameter in accounts/inc/include.php and (2) lang_settings parameter in admin/inc/include.php, which is not properly sanitized by the securepath function, a related issue to CVE-2005-4556. | |||||
| CVE-2006-0320 | 1 Bit 5 Blog | 1 Bit 5 Blog | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/processlogin.php in Bit 5 Blog 8.01 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameter. | |||||
| CVE-2006-2563 | 1 Php | 1 Php | 2025-04-03 | 2.1 LOW | N/A |
| The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters. | |||||
| CVE-2001-0747 | 1 Iplanet | 1 Iplanet Web Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, service packs 3 through 7, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long method name in an HTTP request. | |||||
| CVE-2001-0432 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands. | |||||
| CVE-2004-1310 | 1 Mplayer | 1 Mplayer | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet. | |||||
| CVE-2004-1152 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment. | |||||
| CVE-2004-2633 | 1 Arjohn Kampman | 1 Sesame Rdf Container | 2025-04-03 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in Sesamie 1.0 allows remote anonymous attackers to gain access to repositories of other users via unknown vectors. | |||||
| CVE-2004-1981 | 1 Businessobjects | 2 Crystal Enterprise, Crystal Reports | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder. | |||||
| CVE-2001-0284 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. | |||||
| CVE-2006-3027 | 1 Enthrallweb | 1 Ephotos | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) CAT_ID parameter in (a) subphotos.asp and (b) subLevel2.asp, the (2) AL_ID parameter in (c) photo.asp, and the (3) SUB_ID parameter in (d) subLevel2.asp. | |||||
| CVE-2006-2214 | 1 4images | 1 Image Gallery Management System | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in 4images 1.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the sessionid parameter in (1) top.php and (2) member.php. NOTE: this issue has also been reported to affect 1.7.2. | |||||
| CVE-2005-1584 | 1 Open Solution | 1 Quick.forum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers to inject arbitrary web script or HTML via the topic field in a NewTopic action. | |||||
| CVE-2006-2549 | 1 Pdf Tools Ag | 1 Pdf Form Filling And Flattening Tool | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in PDF Form Filling and Flattening Tool before 3.1.0.12 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long field names. | |||||