Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1592 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. | |||||
| CVE-2000-1088 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | 4.6 MEDIUM | N/A |
| The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | |||||
| CVE-2006-0046 | 1 Cameron Simpson | 1 Adzapper | 2025-04-03 | 7.8 HIGH | N/A |
| squid_redirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service (CPU consumption) via a URL with a large number of trailing / (forward slashes), which might produce inefficient regular expressions. | |||||
| CVE-2004-2146 | 1 Pd9 Software | 1 Megabbs | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows attackers to conduct HTTP response splitting attacks via the fid parameter in a writenew action to thread-post.asp. | |||||
| CVE-2005-3324 | 1 Appindex | 1 Mwchat | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2006-2036 | 1 Iopus | 1 Secure Email Attachments | 2025-04-03 | 2.1 LOW | N/A |
| iOpus Secure Email Attachments (SEA), probably 1.0, does not properly handle passwords that consist of repetitions of a substring, which allows attackers to decrypt files by entering only the substring. | |||||
| CVE-1999-0362 | 1 Ipswitch | 1 Ws Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| WS_FTP server remote denial of service through cwd command. | |||||
| CVE-2004-0412 | 1 Gnu | 1 Mailman | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | |||||
| CVE-2000-0472 | 1 Isc | 1 Inn | 2025-04-03 | 3.6 LOW | N/A |
| Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID. | |||||
| CVE-2006-2273 | 1 Verisign | 1 I-nav | 2025-04-03 | 9.3 HIGH | N/A |
| The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav) ActiveX control does not verify Microsoft Cabinet (.CAB) files, which allows remote attackers to run an arbitrary executable file. | |||||
| CVE-2004-0393 | 1 Rlpr | 1 Rlpr | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function. | |||||
| CVE-2005-0282 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the uid parameter. | |||||
| CVE-2002-0502 | 1 Citrix | 1 Nfuse | 2025-04-03 | 5.0 MEDIUM | N/A |
| Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. | |||||
| CVE-2005-4835 | 1 Madwifi | 1 Madwifi | 2025-04-03 | 7.1 HIGH | N/A |
| The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission. | |||||
| CVE-2001-0441 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. | |||||
| CVE-2004-1898 | 1 Tildeslash | 1 Monit | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username. | |||||
| CVE-2005-2679 | 1 Sysinternals | 1 Process Explorer | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in Sysinternals Process Explorer 9.23, and other versions before 9.25, allows local users to execute arbitrary code via a long CompanyName field in the VersionInfo information in a running process. | |||||
| CVE-2005-2672 | 1 Lm Sensors | 1 Lm Sensors | 2025-04-03 | 2.1 LOW | N/A |
| pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file. | |||||
| CVE-2005-3176 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection. | |||||
| CVE-2005-4222 | 1 Lars Ellingsen | 1 Guestserver | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in guestbook.cgi in Lars Ellingsen Guestserver 4.13 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified message fields. | |||||