Total
29801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1256 | 1 Ipswitch | 3 Imail, Imail Server, Ipswitch Collaboration Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name. | |||||
| CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2025-04-03 | 5.0 MEDIUM | N/A |
| IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | |||||
| CVE-1999-0231 | 1 Seattle Lab Software | 1 Slmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. | |||||
| CVE-2004-0475 | 1 Microsoft | 1 Ie | 2025-04-03 | 5.1 MEDIUM | N/A |
| The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041. | |||||
| CVE-1999-1332 | 1 Redhat | 1 Linux | 2025-04-03 | 2.1 LOW | N/A |
| gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. | |||||
| CVE-2000-0486 | 1 Cisco | 2 Ios, Tacacs\+ | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field. | |||||
| CVE-2006-0421 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic instance on the same machine, allows administrators of any created domain to access other created domains, which could allow administrators to gain privileges that were not intended. | |||||
| CVE-2006-4787 | 1 Alphamail | 1 Alphamail | 2025-04-03 | 2.1 LOW | N/A |
| AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained from third party information. | |||||
| CVE-2004-0426 | 1 Andrew Tridgell | 1 Rsync | 2025-04-03 | 5.0 MEDIUM | N/A |
| rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path. | |||||
| CVE-1999-0254 | 1 Sun | 1 Solaris | 2025-04-03 | 10.0 HIGH | N/A |
| A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. | |||||
| CVE-2005-0826 | 1 Ollydbg | 1 Ollydbg | 2025-04-03 | 5.0 MEDIUM | N/A |
| OllyDbg 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a dynamic link library (DLL) with a long filename. | |||||
| CVE-2001-0292 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator. | |||||
| CVE-2006-0493 | 1 Thomas Rybak | 1 Mg2 | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MG2 (formerly known as Minigal) 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field in a comment associated with a picture. | |||||
| CVE-2006-4495 | 1 Microsoft | 2 Ie, Windows 2003 Server | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll. | |||||
| CVE-2004-1785 | 1 Invision Power Services | 1 Invision Board | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable. | |||||
| CVE-2002-2158 | 1 Zendocs | 1 Zentrack | 2025-04-03 | 5.0 MEDIUM | N/A |
| zenTrack 2.0.3 and earlier allows remote attackers to obtain the full path to the web root via an invalid ticket ID, which leaks the path in an error message. | |||||
| CVE-2001-0331 | 1 Sgi | 1 Irix | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0526 | 1 Sun | 1 Solaris | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable. | |||||
| CVE-2005-3557 | 1 Tincan | 1 Phplist | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin/defaults.php in PHPlist 2.10.1 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) in the selected%5B%5D parameter in an HTTP POST request. | |||||
| CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2025-04-03 | 7.5 HIGH | N/A |
| secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | |||||