Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0566 | 3 Caldera, Mandrakesoft, Redhat | 3 Openlinux, Mandrake Linux, Linux | 2025-04-03 | 7.2 HIGH | N/A |
| makewhatis in Linux man package allows local users to overwrite files via a symlink attack. | |||||
| CVE-2006-4617 | 1 Vtiger | 1 Vtiger Crm | 2025-04-03 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in fileupload.html in vtiger CRM 4.2.4, and possibly earlier versions, allows remote attackers to upload and execute arbitrary files with executable extensions in the /cashe/mails folder. | |||||
| CVE-2004-1285 | 1 Mplayer | 1 Mplayer | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream. | |||||
| CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | |||||
| CVE-2005-2485 | 1 Logicampus | 1 Logicampus | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Helpdesk in Logicampus before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2001-0430 | 1 Debian | 1 Debian Linux | 2025-04-03 | 3.6 LOW | N/A |
| Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files. | |||||
| CVE-2006-4884 | 1 Idevspot | 1 Isupport | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers to inject arbitrary web script or HTML via (1) the suser parameter in support/rightbar.php, (2) the ticket_id parameter in support/open_tickets.php, and (3) the cons_page_title parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2001-0653 | 1 Sendmail | 1 Sendmail | 2025-04-03 | 4.6 MEDIUM | N/A |
| Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number. | |||||
| CVE-2001-1547 | 1 Microsoft | 1 Outlook Express | 2025-04-03 | 7.5 HIGH | N/A |
| Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code. | |||||
| CVE-2003-0346 | 1 Microsoft | 1 Directx | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow. | |||||
| CVE-2006-1387 | 1 Twiki | 1 Twiki | 2025-04-03 | 4.0 MEDIUM | N/A |
| TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenticated users with edit rights to cause a denial of service (infinite recursion leading to CPU and memory consumption) via INCLUDE by URL statements that form a loop, such as a page that includes itself. | |||||
| CVE-2005-0625 | 1 Debian | 1 Reportbug | 2025-04-03 | 2.1 LOW | N/A |
| reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd. | |||||
| CVE-2002-1803 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
| CVE-2005-0293 | 1 Minis | 1 Minis | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the month parameter. | |||||
| CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
| CVE-2000-0704 | 3 Freewnn, Omron, Wnn | 3 Freewnn, Worldview, Wnn4 | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands. | |||||
| CVE-2006-4769 | 1 Gtasoft | 1 P4cms | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in abf_js.php in p4CMS 1.05 allows remote attackers to execute arbitrary PHP code via a URL in the abs_pfad parameter. | |||||
| CVE-2002-0136 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages to cause a denial of service (hang) via extremely long values for form fields such as INPUT and TEXTAREA, which can be automatically filled via Javascript. | |||||
| CVE-2004-1565 | 1 W-agora | 1 W-agora | 2025-04-03 | 5.0 MEDIUM | N/A |
| list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter. | |||||
| CVE-2004-1049 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 5.1 MEDIUM | N/A |
| Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability." | |||||