Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1321 | 1 Mit | 1 Kerberos | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing. | |||||
| CVE-2005-0484 | 1 Gproftpd | 1 Gproftpd | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log. | |||||
| CVE-2002-0797 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges. | |||||
| CVE-2002-0614 | 1 Php-survey | 1 Php-survey | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server. | |||||
| CVE-2004-2342 | 1 Burton Sang | 1 Chatterbox | 2025-04-03 | 5.0 MEDIUM | N/A |
| ChatterBox 2.0 allows remote attackers to cause a denial of service (server crash) via a malformed request to the server, as demonstrated using "aaaaaa". | |||||
| CVE-2003-0220 | 1 Kerio | 1 Personal Firewall 2 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet. | |||||
| CVE-2002-1838 | 1 Steve Sachs | 1 Charities.cron | 2025-04-03 | 5.0 MEDIUM | N/A |
| Charities.cron 1.0.2 through 1.6.0 allows local users to write to arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2004-1037 | 2 Gentoo, Twiki | 2 Linux, Twiki | 2025-04-03 | 10.0 HIGH | N/A |
| The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string. | |||||
| CVE-2004-1695 | 1 Emulive | 1 Server4 | 2025-04-03 | 10.0 HIGH | N/A |
| EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to bypass authentication for the remote administration feature via a URL that contains an extra leading / (slash). | |||||
| CVE-2001-0185 | 1 Netopia | 1 R9100 Router | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a crash. | |||||
| CVE-2006-3186 | 1 Cms Faethon | 1 Cms Faethon | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CMS Faethon 1.3.2 allow remote attackers to inject arbitrary web script or HTML via the mainpath parameter to (1) data/footer.php and (2) admin/header.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2005-1054 | 1 Moderngigabyte | 1 Modernbill | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in news.php in ModernBill 4.3.0 and earlier allows remote attackers to execute arbitrary PHP code by modifying the DIR parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-1999-0556 | 2025-04-03 | 10.0 HIGH | N/A | ||
| Two or more Unix accounts have the same UID. | |||||
| CVE-2003-1092 | 1 Christos Zoulas | 1 File 1 | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact. | |||||
| CVE-2006-4089 | 1 Andy Lo-a-foe | 1 Alsaplayer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service (application crash), or have other unknown impact, via (1) a long Location field sent by a web server, which triggers an overflow in the reconnect function in reader/http/http.c; (2) a long URL sent by a web server when AlsaPlayer is seeking a media file for the playlist, which triggers overflows in new_list_item and CbUpdated in interface/gtk/PlaylistWindow.cpp; and (3) a long response sent by a CDDB server, which triggers an overflow in cddb_lookup in input/ccda/cdda_engine.c. | |||||
| CVE-2005-0021 | 1 University Of Cambridge | 1 Exim | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function. | |||||
| CVE-2006-2826 | 1 Phplib Team | 1 Phplib | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a allows remote attackers to execute arbitrary SQL commands via the id variable, which is set by a client through a query string or a cookie. | |||||
| CVE-2001-0693 | 1 Webtrends | 2 Webtrends Enterprise Reporting Server, Webtrends Enterprise Reporting Server Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20). | |||||
| CVE-2005-2532 | 1 Openvpn | 1 Openvpn | 2025-04-03 | 5.0 MEDIUM | N/A |
| OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted. | |||||
| CVE-2005-2598 | 1 Dokeos | 1 Dokeos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary files via the move_to and move_file parameters to claroline/document/document.php, or determine the existence of arbitrary files via the file parameter to (3) claroline/scorm/showinframes.php or (4) claroline/scorm/contents.php. | |||||