Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3594 | 1 Cisco | 1 Unified Callmanager | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. | |||||
| CVE-2006-1419 | 1 Nuked-klan | 1 Nuked-klan | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php. | |||||
| CVE-2005-1670 | 1 Extremenetworks | 3 Blackdiamond 10808, Blackdiamond 8800, Extremeware Xos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 before 11.1.3.3, 11.0 before 11.0.2.4, and 10.x allows remote authenticated users to execute arbitrary commands. | |||||
| CVE-2002-1214 | 1 Microsoft | 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data. | |||||
| CVE-2001-0489 | 1 Gftp | 1 Gftp | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands. | |||||
| CVE-2005-2849 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2025-04-03 | 6.4 MEDIUM | N/A |
| Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to (1) read portions of source code via the -f option to Dig (dig_device.cgi), (2) determine file existence via the -r argument to Tcpdump (tcpdump_device.cgi) or (3) modify files in the cgi-bin directory via the -w argument to Tcpdump. | |||||
| CVE-2004-0676 | 1 Fastream | 1 Netfile Ftp Web Server | 2025-04-03 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in Fastream NETFile FTP/Web Server 6.7.2.1085 and earlier allows remote attackers to create or delete arbitrary files via .. (dot dot) and // (double slash) sequences in the filename parameter. | |||||
| CVE-1999-0478 | 1 Sendmail | 1 Sendmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in HP-UX sendmail 8.8.6 related to accepting connections. | |||||
| CVE-2005-3723 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2025-04-03 | 7.5 HIGH | N/A |
| Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to disable access to (1) SNMP or (2) TCP port 3390, which allows remote attackers to modify configuration using CVE-2005-3722, or access the Unidata Shell to obtain sensitive information or cause a denial of service. | |||||
| CVE-2006-2559 | 1 Linksys | 2 Wrt54g, Wrt54g V5 | 2025-04-03 | 7.5 HIGH | N/A |
| Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. | |||||
| CVE-2005-4611 | 1 Phpfreebies.com | 1 Free Clickbank | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter. | |||||
| CVE-2005-0585 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 2.6 LOW | N/A |
| Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks. | |||||
| CVE-2006-1430 | 1 Controlzx | 1 Hms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS (formerly DRZES) 3.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dedicatedPlanID parameter to dedicated_order.php, (2) sharedPlanID parameter to shared_order.php, (3) plan_id parameter to customers/server_management.php, and (4) email field to customers/forgotpass.php. | |||||
| CVE-2004-2495 | 1 Code-crafters | 1 Ability Mail Server | 2025-04-03 | 7.8 HIGH | N/A |
| The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail Server 1.18 allow remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous connections to the service. | |||||
| CVE-2006-4866 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | |||||
| CVE-2006-0206 | 1 Light Weight Calendar | 1 Light Weight Calendar | 2025-04-03 | 7.5 HIGH | N/A |
| Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php. | |||||
| CVE-1999-0581 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 10.0 HIGH | N/A |
| The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. | |||||
| CVE-2002-0707 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to cause a denial of service (CPU consumption) via large GET requests, possibly due to a buffer overflow. | |||||
| CVE-2006-3824 | 1 Sun | 1 Solaris | 2025-04-03 | 4.9 MEDIUM | N/A |
| systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow. | |||||
| CVE-2004-0891 | 4 Gentoo, Rob Flynn, Slackware and 1 more | 4 Linux, Gaim, Slackware Linux and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. | |||||