Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0715 | 1 Solucija | 1 Snews | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in sNews 1.3 allows remote attackers to inject arbitrary web script or HTML via the comment field. | |||||
| CVE-2006-0371 | 1 Noah Medling | 1 Rcblog | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Noah Medling RCBlog 1.03 allows remote attackers to read arbitrary .txt files, possibly including one that stores the administrator's account name and password, via a .. (dot dot) in the post parameter. | |||||
| CVE-2004-1311 | 1 Mplayer | 1 Mplayer | 2025-04-03 | 10.0 HIGH | N/A |
| Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. | |||||
| CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | |||||
| CVE-2006-2329 | 1 Angelinecms | 1 Angelinecms | 2025-04-03 | 5.0 MEDIUM | N/A |
| AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages; and via a direct request for the (21) lib/system/ directory and (22) possibly other lib/ directories, which provide a directory listing and "architecture view." | |||||
| CVE-2005-2730 | 1 Astaro | 1 Security Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message. | |||||
| CVE-2005-1574 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | 7.5 HIGH | N/A |
| Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled. | |||||
| CVE-2006-3788 | 1 Ufo2000 | 1 Ufo2000 | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code via (1) a long unit name in Net::recv_add_unit,; (2) large values to Net::recv_rules, Net::recv_select_unit, Net::recv_options, and Net::recv_unit_data; and (3) a large mapdata GEODATA structure in Net::recv_map_data. | |||||
| CVE-2004-2014 | 1 Gnu | 1 Wget | 2025-04-03 | 2.6 LOW | N/A |
| Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. | |||||
| CVE-2002-0216 | 1 Xoops | 1 Xoops | 2025-04-03 | 5.0 MEDIUM | N/A |
| userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter. | |||||
| CVE-2001-0960 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2025-04-03 | 10.0 HIGH | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges. | |||||
| CVE-2000-0763 | 1 David Bagley | 1 Xlock | 2025-04-03 | 7.2 HIGH | N/A |
| xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option. | |||||
| CVE-2006-1828 | 1 Php121 | 1 Php121 Instant Messenger | 2025-04-03 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote attackers to execute arbitrary SQL commands and execute arbitrary code via the sess_username variable, as set by the php121un HTTP COOKIE parameter, which is used in multiple files including php121login.php. NOTE: the code execution occurs because the SQL query results are used in an include statement. | |||||
| CVE-2001-0410 | 1 Trend Micro | 1 Virus Buster 2001 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long "From" header. | |||||
| CVE-2001-0578 | 1 Sco | 1 Openserver | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command. | |||||
| CVE-2005-0760 | 1 Imagemagick | 1 Imagemagick | 2025-04-03 | 5.0 MEDIUM | N/A |
| The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. | |||||
| CVE-2005-3221 | 1 Fortinet | 1 Fortinet Antivirus | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2004-0728 | 1 Microsoft | 1 Systems Management Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to cause a denial of service (crash) via a data packet to TCP port 2702 that causes the server to read or write to an invalid memory address. | |||||
| CVE-1999-0451 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port. | |||||
| CVE-2005-3690 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands. | |||||