Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4867 | 1 Gnuturk | 1 Gnuturk Portal System | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mods.php in GNUTurk 2G and earlier allows remote attackers to execute arbitrary SQL commands via the t_id parameter when the go parameter is "Forum." | |||||
| CVE-2000-0737 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability. | |||||
| CVE-2006-3410 | 1 Tor | 1 Tor | 2025-04-03 | 5.0 MEDIUM | N/A |
| Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit nodes," which allows remote attackers to conduct unspecified statistical attacks. | |||||
| CVE-2001-1407 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 7.5 HIGH | N/A |
| Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug. | |||||
| CVE-2001-0898 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via about:cache. | |||||
| CVE-1999-0047 | 3 Bsdi, Caldera, Eric Allman | 3 Bsd Os, Openlinux, Sendmail | 2025-04-03 | 10.0 HIGH | N/A |
| MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | |||||
| CVE-2001-0400 | 1 Matt Tourtillott | 1 Nph-maillist | 2025-04-03 | 7.5 HIGH | N/A |
| nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address. | |||||
| CVE-2006-0576 | 1 Maynard Johnson | 1 Oprofile | 2025-04-03 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing opcontrol using sudo. In such a context, this is a vulnerability. | |||||
| CVE-2002-0781 | 1 Novell | 1 Bordermanager | 2025-04-03 | 5.0 MEDIUM | N/A |
| RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND. | |||||
| CVE-2000-1184 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file. | |||||
| CVE-2003-1207 | 1 Crob | 1 Crob Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string. | |||||
| CVE-2006-3608 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file. | |||||
| CVE-2006-0068 | 1 Primo Place | 1 Primo Cart | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Primo Cart 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) q parameter to search.php and (2) email parameter to user.php. | |||||
| CVE-2002-0811 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 7.5 HIGH | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi. | |||||
| CVE-2006-4631 | 1 Softbb | 1 Softbb | 2025-04-03 | 6.5 MEDIUM | N/A |
| Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request. | |||||
| CVE-2002-1509 | 1 Redhat | 1 Linux | 2025-04-03 | 3.6 LOW | N/A |
| A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email. | |||||
| CVE-2004-0787 | 1 Openca | 1 Openca | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields. | |||||
| CVE-2003-1237 | 1 Matt Wright | 1 Wwwboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. | |||||
| CVE-2000-1174 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username. | |||||
| CVE-2006-1944 | 1 Sibsoft | 1 Communimail | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the list_id parameter in mailadmin.cgi and (2) the form_id parameter in templates.cgi. | |||||