Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1027 | 1 Cisco | 1 Pix Firewall Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established. | |||||
| CVE-2005-3470 | 1 Mailscanner | 1 Mailscanner | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in in the authenticate function in MailWatch for MailScanner 1.0.2 allows remote attackers to execute arbitrary SQL commands. | |||||
| CVE-2006-2615 | 1 Russcom Network | 1 Russcom.ping | 2025-04-03 | 7.5 HIGH | N/A |
| ping.php in Russcom.Ping allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter. | |||||
| CVE-2006-2632 | 1 Andrew Godwin | 1 Bytehoard | 2025-04-03 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via file descriptions. | |||||
| CVE-2005-0265 | 1 Owl | 1 Owl Intranet Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to execute arbitrary SQL commands via the (1) parent or (2) sortposted parameter. | |||||
| CVE-1999-1343 | 1 Xerox | 1 Docucolor 4lp | 2025-04-03 | 5.0 MEDIUM | N/A |
| HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause a denial of service (hang) via a long URL that contains a large number of . characters. | |||||
| CVE-2004-2322 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the (1) announce and (2) notes modules of phpWebSite before 0.9.3-2 allows remote attackers to execute arbitrary SQL queries, as demonstrated using the ANN_id parameter to the announce module. | |||||
| CVE-2003-0143 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | 10.0 HIGH | N/A |
| The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name. | |||||
| CVE-2002-1849 | 1 Parachat | 1 Parachat Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| ParaChat Server 4.0 does not log users off if the browser's back button is used, which allows remote attackers to cause a denial of service by repeatedly logging into a chat room, hitting the back button, then logging into the same chat room as a different user, which fills the chat room with invalid users. | |||||
| CVE-2002-1356 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages. | |||||
| CVE-2005-0578 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 2.1 LOW | N/A |
| Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory. | |||||
| CVE-2002-1371 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 7.5 HIGH | N/A |
| filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | |||||
| CVE-2002-2045 | 1 Xqus | 1 X-stat | 2025-04-03 | 6.4 MEDIUM | N/A |
| x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message. | |||||
| CVE-2006-1091 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2025-04-03 | 7.8 HIGH | N/A |
| Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors. | |||||
| CVE-2001-0118 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2025-04-03 | 1.2 LOW | N/A |
| rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2000-0613 | 1 Cisco | 1 Pix Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections. | |||||
| CVE-1999-1551 | 1 Ipswitch | 1 Imail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2003-0265 | 1 Sap | 1 Sap Db | 2025-04-03 | 6.2 MEDIUM | N/A |
| Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed. | |||||
| CVE-2003-0406 | 1 Palmvnc | 1 Palmvnc | 2025-04-03 | 7.2 HIGH | N/A |
| PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges. | |||||
| CVE-2002-0728 | 1 Greg Roelofs | 1 Libpng | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. | |||||