Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0519 | 2 Sgi, Squirrelmail | 2 Propack, Squirrelmail | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. | |||||
| CVE-2004-1373 | 1 Nullsoft | 1 Shoutcast Server | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file. | |||||
| CVE-2006-4596 | 1 Mybace Light | 1 Mybace Light | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion in MyBace Light Skrip, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the (1) hauptverzeichniss parameter in includes/login_check.php and the (2) template_back parameter in admin/login/content/user_daten.php. | |||||
| CVE-2005-2551 | 1 Novell | 1 Edirectory | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors. | |||||
| CVE-2005-0633 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | |||||
| CVE-2006-1752 | 1 Michiel Van Baak | 1 Mvblog | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the backend in MvBlog before 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) body fields in a comment. | |||||
| CVE-2005-1597 | 1 Invision Power Services | 2 Invision Board, Invision Power Board | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in (1) search.php and (2) topics.php for Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlite parameter. | |||||
| CVE-1999-0177 | 1 Oreilly | 1 Website | 2025-04-03 | 7.5 HIGH | N/A |
| The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. | |||||
| CVE-2006-2347 | 1 Oasyssoft | 1 E-business Designer | 2025-04-03 | 5.0 MEDIUM | N/A |
| E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to obtain the full path of the web server via "'" characters, and possibly other invalid values, in (1) the id parameter to form_grupo.html, or requests to the (2) archivos/ and (3) files/ directories. NOTE: this issue might be resultant from SQL injection. | |||||
| CVE-2000-0931 | 1 David Harris | 1 Pegasus Mail | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data. | |||||
| CVE-2004-1955 | 1 Phprofession | 1 Phprofession | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter. | |||||
| CVE-2006-0638 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter. | |||||
| CVE-2002-1572 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 10.0 HIGH | N/A |
| Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors. | |||||
| CVE-2002-1968 | 1 Com21 | 1 Doxport 1100 | 2025-04-03 | 2.1 LOW | N/A |
| Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a malicious TFTP server. | |||||
| CVE-2006-1115 | 1 Ncipher | 3 Chil, Mscapi Csp, Ncipher Software Cd | 2025-04-03 | 2.6 LOW | N/A |
| nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/private key pair without any specified DiscreteLogGroup parameters, chooses random parameters that could allow an attacker to crack the private key in significantly less time than a brute force attack. | |||||
| CVE-2006-4041 | 1 Pike | 1 Pike | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Pike before 7.6.86, when using a Postgres database server, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors. | |||||
| CVE-2005-4441 | 1 Pvlan Protocol | 1 Pvlan Protocol | 2025-04-03 | 5.0 MEDIUM | N/A |
| The PVLAN protocol allows remote attackers to bypass network segmentation and spoof PVLAN traffic via a PVLAN message with a target MAC address that is set to a gateway router, which causes the packet to be sent to the router, where the source MAC is modified, aka "Modification of the MAC spoofing PVLAN jumping attack," as demonstrated by pvlan.c. | |||||
| CVE-2005-2881 | 1 Phpcommunitycalendar | 1 Phpcommunitycalendar | 2025-04-03 | 7.5 HIGH | N/A |
| phpCommunityCalendar 4.0.3 allows remote attackers to bypass authentication and gain unauthorized access via a direct request to the admin directory. | |||||
| CVE-2005-2287 | 1 Softiacom | 1 Wmailserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a denial of service (application crash) via a large TCP packet with a leading space, possibly triggering a buffer overflow. | |||||
| CVE-2003-1136 | 1 Chi Kien Uong | 1 Chi Kien Uong Guestbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to inject arbitrary web script or HTML via (1) HTML in a posted message or (2) Javascript in an onmouseover attribute in an e-mail address or URL. | |||||