Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0979 | 1 Netmanage | 1 Rumba | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted values in a profile file, as demonstrated using a long SysName field. | |||||
| CVE-2003-0676 | 1 Sun | 2 Iplanet Directory Server, One Directory Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences. | |||||
| CVE-2006-0420 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 through SP4 and 7.0 through SP6 does not properly handle when servlets use relative forwarding, which allows remote attackers to cause a denial of service (slowdown) via unknown attack vectors that cause "looping stack overflow errors." | |||||
| CVE-2001-0752 | 1 Cisco | 1 Cbos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. | |||||
| CVE-2006-1942 | 3 K-meleon Project, Mozilla, Netscape | 3 K-meleon, Firefox, Navigator | 2025-04-03 | 5.1 MEDIUM | N/A |
| Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page." | |||||
| CVE-2004-2032 | 1 Netgear | 1 Rp114 | 2025-04-03 | 7.5 HIGH | N/A |
| Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. | |||||
| CVE-2000-0570 | 1 Centrinity | 1 Firstclass Intranet Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header. | |||||
| CVE-2006-2271 | 1 Lksctp | 1 Lksctp | 2025-04-03 | 7.8 HIGH | N/A |
| The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via an unexpected chunk when the session is in CLOSED state. | |||||
| CVE-2006-4277 | 1 Tutti Nova | 1 Tutti Nova | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2001-0863 | 1 Cisco | 1 12000 Router | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments. | |||||
| CVE-2005-4792 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Appalachian State University phpWebSite 0.10.1 and earlier allows remote attackers to execute arbitrary SQL commands via the module parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-1063 | 1 Kerio | 3 Kerio Mailserver, Personal Firewall, Winroute Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
| The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations." | |||||
| CVE-2006-3388 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter. | |||||
| CVE-2004-0090 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors. | |||||
| CVE-2005-1520 | 1 Gnu | 1 Mailutils | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail. | |||||
| CVE-2001-0370 | 1 Michael A. Gumienny | 1 Fcheck | 2025-04-03 | 4.6 MEDIUM | N/A |
| fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters. | |||||
| CVE-2004-2223 | 1 Fsphpgallery | 1 Fsphpgallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, which causes a crash when the server attempts to resize the image. | |||||
| CVE-2004-2660 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests. | |||||
| CVE-2006-3394 | 1 Bxcp | 1 Bxcp | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the files mod in index.php in BXCP 0.3.0.4 allows remote attackers to execute arbitrary SQL commands via the where parameter in a view action. | |||||
| CVE-2006-1390 | 1 Gentoo | 1 Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks. | |||||