Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2691 | 1 Amule | 1 Amule | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified "information leakage" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors. | |||||
| CVE-2006-0563 | 1 Pluggedout | 1 Pluggedout Blog | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c allows remote attackers to execute arbitrary SQL commands via the entryid parameter in a comment_add action. | |||||
| CVE-2002-1132 | 1 Squirrelmail | 1 Squirrelmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script. | |||||
| CVE-2000-1224 | 1 Caucho Technology | 1 Resin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others. | |||||
| CVE-2006-1298 | 1 Symantec Veritas | 1 Backup Exec | 2025-04-03 | 4.6 MEDIUM | N/A |
| Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas Backup Exec 10d (10.1) for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, and Backup Exec 9.1 for Windows Servers rev. 4691, when the job log mode is Full Detailed (aka Full Details), allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted filename on a machine that is backed up by Backup Exec. | |||||
| CVE-2005-3400 | 1 Fortinet | 1 Fortinet | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||
| CVE-2004-1104 | 1 Microsoft | 1 Ie | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty "href" attribute, and a FORM whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. | |||||
| CVE-2004-0949 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 6.4 MEDIUM | N/A |
| The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. | |||||
| CVE-2000-0550 | 2 Cygnus, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service. | |||||
| CVE-2005-0402 | 1 Mozilla | 1 Firefox | 2025-04-03 | 2.6 LOW | N/A |
| Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page. | |||||
| CVE-2005-4437 | 1 Extended Interior Gateway Routing Protocol | 1 Extended Interior Gateway Routing Protocol | 2025-04-03 | 7.5 HIGH | N/A |
| MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message hashes and (1) replay EIGRP HELLO messages or (2) cause a denial of service by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. | |||||
| CVE-2004-0557 | 4 Conectiva, Gentoo, Redhat and 1 more | 6 Linux, Linux, Enterprise Linux and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. | |||||
| CVE-1999-0750 | 1 Microsoft | 1 Hotmail | 2025-04-03 | 5.1 MEDIUM | N/A |
| Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. | |||||
| CVE-2001-0052 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 2.1 LOW | N/A |
| IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query. | |||||
| CVE-2001-0838 | 1 Network Solutions | 1 Rwhoisd | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command. | |||||
| CVE-2000-0878 | 1 Ranson Johnson | 1 Mailto Cgi Script | 2025-04-03 | 7.5 HIGH | N/A |
| The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field. | |||||
| CVE-1999-0296 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Solaris volrmmount program allows attackers to read any file. | |||||
| CVE-2005-0388 | 1 Remstats | 1 Remstats | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attackers to execute arbitrary commands "due to missing input sanitising." | |||||
| CVE-2005-2651 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | 7.5 HIGH | N/A |
| gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter. | |||||
| CVE-2006-4966 | 1 Chumpsoft | 1 Phpquestionnaire | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in inc/ifunctions.php in chumpsoft phpQuestionnaire (phpQ) 3.12 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[phpQRootDir] parameter. | |||||