Total: 29560 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2626 | 1 Siemens | 1 S55 | 2025-04-03 | 3.7 LOW | N/A |
GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message. | |||||
CVE-1999-0112 | 2 Cde, Ibm | 2 Cde, Aix | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in AIX dtterm program for the CDE. | |||||
CVE-2005-3715 | 1 Senao | 1 Si-680h Wireless Voip Phone | 2025-04-03 | 7.5 HIGH | N/A |
Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service. | |||||
CVE-2002-0213 | 2 Sgi, Xinet | 2 Irix, K-ashare | 2025-04-03 | 2.1 LOW | N/A |
xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory. | |||||
CVE-2005-2291 | 1 Oracle | 1 Jdeveloper | 2025-04-03 | 4.6 MEDIUM | N/A |
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information. | |||||
CVE-2004-2383 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 5.1 MEDIUM | N/A |
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes the target domain, then forcing the frameset to maintain focus. NOTE: the discloser claimed that the vendor does not categorize this as a vulnerability, but it can be used in a spoofing scenario; the discloser provides alternate scenarios. Spoofing scenarios are currently included in CVE. | |||||
CVE-2006-0173 | 1 Hummingbird | 1 Enterprise Collaboration | 2025-04-03 | 4.0 MEDIUM | N/A |
Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified doc_ext and id parameters, which might trick a user into downloading dangerous or unexpected content. | |||||
CVE-1999-1241 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 10.0 HIGH | N/A |
Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object. | |||||
CVE-2005-1261 | 1 Rob Flynn | 1 Gaim | 2025-04-03 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL. | |||||
CVE-2006-3017 | 1 Php | 1 Php | 2025-04-03 | 9.3 HIGH | N/A |
zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations. | |||||
CVE-2002-0488 | 1 Linux Directory Penguin | 1 Linux Directory Penguin Traceroute | 2025-04-03 | 10.0 HIGH | N/A |
Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter. | |||||
CVE-2004-0544 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands. | |||||
CVE-2000-1215 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. | |||||
CVE-2005-2974 | 1 Libungif | 1 Libungif | 2025-04-03 | 2.6 LOW | N/A |
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference. | |||||
CVE-2004-0340 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | 7.2 HIGH | N/A |
Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) NLST, or (3) STAT commands. | |||||
CVE-2006-4918 | 1 Simple Discussion Board | 1 Simple Discussion Board | 2025-04-03 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in Simple Discussion Board 0.1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) env_dir parameter to (a) blank.php, (b) admin.php, or (c) builddb.php, and the (2) script_root parameter to blank.php. | |||||
CVE-2003-1057 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code. | |||||
CVE-1999-0826 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
Buffer overflow in FreeBSD angband allows local users to gain privileges. | |||||
CVE-2005-4713 | 1 Pam Mysql | 1 Pam Mysql | 2025-04-03 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call. | |||||
CVE-2004-1407 | 1 Singapore | 1 Image Gallery Web Application | 2025-04-03 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php. |