Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1207 | 1 Crob | 1 Crob Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string. | |||||
| CVE-2006-3608 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file. | |||||
| CVE-2006-0068 | 1 Primo Place | 1 Primo Cart | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Primo Cart 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) q parameter to search.php and (2) email parameter to user.php. | |||||
| CVE-2002-0811 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 7.5 HIGH | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi. | |||||
| CVE-2006-4631 | 1 Softbb | 1 Softbb | 2025-04-03 | 6.5 MEDIUM | N/A |
| Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request. | |||||
| CVE-2002-1509 | 1 Redhat | 1 Linux | 2025-04-03 | 3.6 LOW | N/A |
| A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email. | |||||
| CVE-2004-0787 | 1 Openca | 1 Openca | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields. | |||||
| CVE-2003-1237 | 1 Matt Wright | 1 Wwwboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. | |||||
| CVE-2000-1174 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username. | |||||
| CVE-2006-1944 | 1 Sibsoft | 1 Communimail | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the list_id parameter in mailadmin.cgi and (2) the form_id parameter in templates.cgi. | |||||
| CVE-2002-0340 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | 7.5 HIGH | N/A |
| Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via Trojan horse files containing .wmf content. | |||||
| CVE-2005-1815 | 1 Hummingbird | 1 Connectivity | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long argument to FTPD (ftpdw.exe) or (2) a large amount of data to LPD (Lpdw.exe). | |||||
| CVE-2004-2225 | 1 Mozilla | 1 Firefox | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. | |||||
| CVE-2003-0063 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.5 HIGH | 7.3 HIGH |
| The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
| CVE-2000-0932 | 1 Clearswift | 1 Mailsweeper For Smtp | 2025-04-03 | 5.0 MEDIUM | N/A |
| MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service. | |||||
| CVE-2005-3014 | 1 Ensim | 1 Webppliance | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field. | |||||
| CVE-1999-0364 | 2 Fms Inc., Microsoft | 2 Total Vb Sourcebook, Access | 2025-04-03 | 10.0 HIGH | N/A |
| Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. | |||||
| CVE-2006-4972 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in archive/index.php/forum-4.html in MyBB (aka MyBulletinBoard) allows remote attackers to inject arbitrary web script or HTML via the navbits[][name] parameter. | |||||
| CVE-2006-2309 | 1 Etype | 1 Eserv | 2025-04-03 | 4.0 MEDIUM | N/A |
| The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files. | |||||
| CVE-2002-2200 | 1 Benjamin Lefevre | 1 Dobermann Forum | 2025-04-03 | 7.5 HIGH | N/A |
| Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variablein (1) entete.php, (2) enteteacceuil.php, (3) index.php, or (4) newtopic.php. | |||||