Total
29561 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1921 | 1 Php Net Tools | 1 Php Net Tools | 2025-04-03 | 6.4 MEDIUM | N/A |
| nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. | |||||
| CVE-2006-3287 | 1 Cisco | 1 Wireless Control System | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access (aka bug CSCse21391). | |||||
| CVE-2006-4665 | 1 Mkportal | 1 Mkportal | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 Rc1 allows remote attackers to inject arbitrary web script or HTML via the ind parameter, possibly related to the PHP_SELF variable. NOTE: Some details are obtained from third party information. | |||||
| CVE-2006-1344 | 1 Verisign | 1 Mpki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the VHTML_FILE parameter. | |||||
| CVE-1999-1285 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | |||||
| CVE-2001-0513 | 1 Oracle | 1 Oracle9i | 2025-04-03 | 5.0 MEDIUM | N/A |
| Oracle listener process on Windows NT redirects connection requests to another port and creates a separate thread to process the request, which allows remote attackers to cause a denial of service by repeatedly connecting to the Oracle listener but not connecting to the redirected port. | |||||
| CVE-2000-0584 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | |||||
| CVE-2004-0205 | 2 Avaya, Microsoft | 5 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function. | |||||
| CVE-2004-0849 | 1 Gnu | 1 Radius | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests. | |||||
| CVE-2006-2345 | 1 Roostercode Ajax Softwares | 1 Alipager | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote attackers to inject arbitrary web script or HTML via the ubild parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. NOTE: this issue might be resultant from SQL injection. | |||||
| CVE-2006-0868 | 1 Pear | 1 Xml Rpc | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers." | |||||
| CVE-2000-0413 | 1 Microsoft | 3 Frontpage, Internet Information Server, Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path. | |||||
| CVE-2003-1214 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions. | |||||
| CVE-2003-0196 | 5 Compaq, Hp, Samba and 2 more | 7 Tru64, Cifs-9000 Server, Hp-ux and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | |||||
| CVE-2005-1985 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" when processing certain crafted network messages. | |||||
| CVE-2006-1150 | 1 Teg | 1 Tenes Empanadas Graciela | 2025-04-03 | 7.8 HIGH | N/A |
| Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error. | |||||
| CVE-2001-0087 | 1 Michael Glickman | 1 Itetris | 2025-04-03 | 7.2 HIGH | N/A |
| itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program. | |||||
| CVE-2006-0377 | 1 Squirrelmail | 1 Squirrelmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection." | |||||
| CVE-2005-0691 | 1 Socialmpn | 1 Socialmpn | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2006-0823 | 1 Geeklog | 1 Geeklog | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to inject arbitrary SQL commands via the (1) userid variable to users.php or (2) sessid variable to lib-sessions.php. | |||||