Total
29804 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2406 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown "overflow" in the phpgw_config table for phpGroupWare before 0.9.14.002 has unknown attack vectors and impact. | |||||
| CVE-2006-1147 | 1 Cor Entertainment | 1 Alien Arena 2006 | 2025-04-03 | 4.0 MEDIUM | N/A |
| The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name. | |||||
| CVE-2006-0401 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors. | |||||
| CVE-2000-0592 | 1 Sapporoworks | 1 Sapporoworks Winproxy | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands. | |||||
| CVE-2003-0651 | 1 Mod Mylo | 1 Mod Mylo | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2006-1707 | 1 Kansok Communications | 1 Shopweezle | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter. | |||||
| CVE-2004-1501 | 1 Software602 | 1 602lan Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) by sending a POST request with a large Content-Length value, then disconnecting without sending that amount of data. | |||||
| CVE-2001-0583 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 5.0 MEDIUM | N/A |
| Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001. | |||||
| CVE-2006-0831 | 1 Tasarim Rehberi | 1 Tasarim Rehberi | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in index.php in Tasarim Rehberi allows remote attackers to execute arbitrary PHP code via a URL in the (1) sayfaadi or (2) sayfa parameter. NOTE: this might be a site-specific issue. If so, it should not be included in CVE. | |||||
| CVE-2006-2673 | 1 E-board | 1 Elite-board | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.html in Bulletin Board Elite-Board (E-Board) 1.1 allows remote attackers to inject arbitrary web script or HTML via the search box. | |||||
| CVE-2006-2400 | 1 Outgun | 1 Outgun | 2025-04-03 | 7.8 HIGH | N/A |
| The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be thrown. | |||||
| CVE-2004-0852 | 1 Htget | 1 Htget | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in htget 0.93 allows remote attackers to execute arbitrary code via a crafted URL. | |||||
| CVE-2005-0108 | 1 Apache | 1 Mod Auth Radius | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument. | |||||
| CVE-2002-0475 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.1 MEDIUM | N/A |
| Cross-site scripting vulnerability in phpBB 1.4.4 and earlier allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within an IMG image tag while editing a message. | |||||
| CVE-2006-1891 | 1 Betaboard | 1 Betaboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. NOTE: it is not clear whether this is a distributable product or a site-specific vulnerability. If it is site-specific, then it should not be included in CVE. | |||||
| CVE-2002-0926 | 1 Wolfram Research | 1 Webmathematica | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the MSPStoreID parameter. | |||||
| CVE-2006-4209 | 1 Webinsta | 1 Mailing List Manager | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in install3.php in WEBInsta Mailing List Manager 1.3e allows remote attackers to execute arbitrary PHP code via a URL in the cabsolute_path parameter. | |||||
| CVE-2005-0812 | 1 Notify Technology | 1 Notifylink | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, which could allow remote attackers or local users to obtain sensitive information. | |||||
| CVE-2004-1071 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 7.2 HIGH | N/A |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | |||||
| CVE-2005-3895 | 1 Otrs | 1 Otrs | 2025-04-03 | 5.8 MEDIUM | N/A |
| Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which allows remote attackers to execute arbitrary web script or HTML. NOTE: this particular issue is referred to as XSS by some sources. | |||||