Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2319 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2025-04-03 | 3.6 LOW | N/A |
| IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit. | |||||
| CVE-2006-0539 | 1 Thibault Godouet | 1 Fcron | 2025-04-03 | 4.6 MEDIUM | N/A |
| The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data." | |||||
| CVE-2004-2048 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. | |||||
| CVE-2005-2101 | 1 Kde | 1 Kde | 2025-04-03 | 5.0 MEDIUM | N/A |
| langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files. | |||||
| CVE-2006-3151 | 1 Associated | 1 Associated Cms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (aka ACID) 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the menu parameter. | |||||
| CVE-2000-0505 | 2 Apache, Ibm | 2 Http Server, Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters. | |||||
| CVE-2004-0720 | 1 Apple | 1 Safari | 2025-04-03 | 7.5 HIGH | N/A |
| Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
| CVE-2005-4661 | 1 Campware.org | 1 Campsite | 2025-04-03 | 5.0 MEDIUM | N/A |
| The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password. | |||||
| CVE-2005-2877 | 1 Twiki | 1 Twiki | 2025-04-03 | 7.5 HIGH | N/A |
| The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUsers. | |||||
| CVE-2000-0057 | 1 Allaire | 1 Coldfusion Server | 2025-04-03 | 7.5 HIGH | N/A |
| Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. | |||||
| CVE-2005-0925 | 1 Uapplication | 1 Ublog Reload | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-2005-1859 | 1 Sgi | 1 Propack | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array. | |||||
| CVE-2001-0956 | 1 Speechio | 1 Speechd | 2025-04-03 | 7.2 HIGH | N/A |
| speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2006-0903 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 4.6 MEDIUM | N/A |
| MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query. | |||||
| CVE-2002-0256 | 1 Arescom | 1 Netdsl | 2025-04-03 | 5.0 MEDIUM | N/A |
| The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop. | |||||
| CVE-2006-2768 | 1 Ipw Systems | 1 Metajour | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in METAjour 2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the (1) system_path parameter in a large number of files in the (a) app/edocument/, (b) app/eproject/, (c) app/erek/, and (d) extension/ directories, and the (2) GLOBALS[system_path] parameter in (e) extension/sitemap/sitemap.datatype.php. | |||||
| CVE-2005-1440 | 1 Codetosell | 1 Viart Shop Enterprise | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) various parameters to basket.php, (2) the nickname, email, topic, and message fields in forum.php, as demonstrated using forum_new_thread.php and forum_thread.php, (3) the page parameter to page.php, (4) category_id and item_id parameters to reviews.php, (5) the category_id parameter to product_details.php, (6) the category_id or search_string parameters to products.php, or (7) the rp or page parameters to news_view.php. | |||||
| CVE-2000-0232 | 1 Microsoft | 3 Terminal Server, Windows 2000, Windows Nt | 2025-04-03 | 2.1 LOW | N/A |
| Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request. | |||||
| CVE-2004-0288 | 1 Mnogosearch | 1 Mnogosearch | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document. | |||||
| CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | |||||