Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0796 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.5 HIGH | N/A |
| FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. | |||||
| CVE-2003-0014 | 1 Bmv | 1 Bmv | 2025-04-03 | 4.6 MEDIUM | N/A |
| gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-1655 | 1 Aol | 1 Instant Messenger | 2025-04-03 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag. | |||||
| CVE-2004-0059 | 1 Lionmax Software | 1 Www File Share Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in the filename parameter of a Content-Disposition: header. | |||||
| CVE-1999-1584 | 1 Sun | 2 Openwindows, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586. | |||||
| CVE-2000-1119 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument. | |||||
| CVE-2001-0611 | 1 Rimarts Inc. | 1 Becky Internet Mail | 2025-04-03 | 7.5 HIGH | N/A |
| Becky! 2.00.05 and earlier can allow a remote attacker to gain additional privileges via a buffer overflow attack on long messages without newline characters. | |||||
| CVE-2005-4666 | 1 Phlymail | 1 Phlymail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 allows remote attackers to inject arbitrary Javascript via unknown attack vectors. | |||||
| CVE-2004-0569 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
| The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values. | |||||
| CVE-2004-2578 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 5.0 MEDIUM | N/A |
| phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords. | |||||
| CVE-2005-3377 | 1 Mcafee | 1 Internet Security Suite | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||
| CVE-2002-1562 | 1 Acme Labs | 1 Thttpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header. | |||||
| CVE-2000-0361 | 1 Suse | 1 Suse Linux | 2025-04-03 | 2.1 LOW | N/A |
| The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information. | |||||
| CVE-2006-4104 | 1 Mojoscripts | 1 Mojogallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.com mojoGallery allows remote attackers to inject arbitrary web script or HTML via "password input." | |||||
| CVE-2002-1969 | 1 The Magic Notebook | 1 The Magic Notebook | 2025-04-03 | 5.0 MEDIUM | N/A |
| Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. | |||||
| CVE-2004-1854 | 1 Picophone | 1 Internet Telephone | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet. | |||||
| CVE-2005-3852 | 1 Onlinetechtools.com | 1 Owos Lite | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | |||||
| CVE-2005-4431 | 1 Wowbb | 1 Wowbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the view_user.php/sort_by vector is already covered by CVE-2005-1554 and CVE-2004-2181. | |||||
| CVE-2004-1090 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." | |||||
| CVE-1999-0304 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| mmap function in BSD allows local attackers in the kmem group to modify memory through devices. | |||||