Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0752 | 1 Openoffice | 1 Openoffice | 2025-04-03 | 2.1 LOW | N/A |
| OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users. | |||||
| CVE-2004-1706 | 1 U.s.robotics | 1 Usr808054 | 2025-04-03 | 7.5 HIGH | N/A |
| The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version string. | |||||
| CVE-2006-4023 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner. | |||||
| CVE-1999-0108 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| The printers program in IRIX has a buffer overflow that gives root access to local users. | |||||
| CVE-2004-2670 | 1 Endonesia | 1 Endonesia | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module. | |||||
| CVE-2004-0309 | 1 Zonelabs | 2 Integrity, Zonealarm | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument. | |||||
| CVE-2006-0102 | 1 Ralph Capper | 1 Tinyphpforum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in TinyPHPForum (TPF) 3.6 and earlier allows remote attackers to inject arbitrary web script via a javascript: scheme in an "[a]" bbcode tag, possibly the txt parameter to action.php. | |||||
| CVE-2004-1276 | 1 Iglooftp | 1 Iglooftp | 2025-04-03 | 2.1 LOW | N/A |
| IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP. | |||||
| CVE-2005-3242 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled. | |||||
| CVE-2005-2404 | 1 Sendcard | 1 Sendcard | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-0750 | 5 Conectiva, Linux, Redhat and 2 more | 8 Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-03 | 7.2 HIGH | N/A |
| The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. | |||||
| CVE-2004-2500 | 1 Ilohamail | 1 Ilohamail | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in IlohaMail before 0.8.14-rc1 has unknown impact and attack vectors. | |||||
| CVE-2004-1521 | 1 Qualcomm | 1 Eudora | 2025-04-03 | 5.0 MEDIUM | N/A |
| Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed "Converted" headers. | |||||
| CVE-2006-4531 | 1 Bare Concept Media | 1 Pheap Cms | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. | |||||
| CVE-2006-4426 | 1 Albert | 1 Albert-easysite | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in AES/modules/auth/phpsecurityadmin/include/logout.php in AlberT-EasySite (AES) 1.0a5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PSA_PATH parameter. | |||||
| CVE-2002-0040 | 1 Sgi | 1 Irix | 2025-04-03 | 2.1 LOW | N/A |
| Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. | |||||
| CVE-1999-0521 | 2025-04-03 | 7.2 HIGH | N/A | ||
| An NIS domain name is easily guessable. | |||||
| CVE-2002-0009 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu. | |||||
| CVE-2003-0783 | 1 Yongguang Zhang | 1 Hztty | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in hztty 2.0 allow local users to gain root privileges. | |||||
| CVE-2000-0860 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. | |||||