Total
11158 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2025-04-03 | 7.8 HIGH | N/A |
| Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | |||||
| CVE-2004-1386 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
| TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. | |||||
| CVE-2005-1398 | 1 Phpcart | 1 Phpcart | 2025-04-03 | 5.0 MEDIUM | N/A |
| phpcart.php in PHPCart 3.2 allows remote attackers to change product price information by modifying the (1) price or (2) postage parameters. NOTE: it was later reported that 3.4 through 4.6.4 are also affected. | |||||
| CVE-2002-1979 | 1 Watchguard | 3 Legacy Rssa, Soho, Vclass | 2025-04-03 | 7.5 HIGH | N/A |
| WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | |||||
| CVE-2006-3014 | 1 Microsoft | 1 Excel | 2025-04-03 | 5.1 MEDIUM | N/A |
| Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet. | |||||
| CVE-2006-3423 | 1 Webex Communications | 2 Downloader Activexcontrol, Downloader Java | 2025-04-03 | 9.3 HIGH | N/A |
| WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file. | |||||
| CVE-2003-1416 | 1 Bisonftp | 1 Bisonftp Server 4 | 2025-04-03 | 4.3 MEDIUM | N/A |
| BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command. | |||||
| CVE-2005-1795 | 1 Clam Anti-virus | 1 Clamav | 2025-04-03 | 7.5 HIGH | N/A |
| The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked. | |||||
| CVE-2006-0047 | 1 Freeciv | 1 Freeciv | 2025-04-03 | 5.0 MEDIUM | N/A |
| packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values. | |||||
| CVE-2001-0509 | 1 Microsoft | 4 Exchange Server, Sql Server, Windows 2000 and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | |||||
| CVE-2006-4468 | 1 Joomla | 1 Joomla\! | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of globals.php in administrator/index.php; (5) the Admin User Manager; and (6) the poll module. | |||||
| CVE-2005-0449 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.1 HIGH | N/A |
| The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function. | |||||
| CVE-2006-4936 | 1 Moodle | 1 Moodle | 2025-04-03 | 10.0 HIGH | N/A |
| Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors. | |||||
| CVE-1999-0265 | 2 Microware, Novell | 2 Os-9, Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| ICMP redirect messages may crash or lock up a host. | |||||
| CVE-2005-2806 | 1 Trevor Hogan | 1 Bnbt | 2025-04-03 | 5.0 MEDIUM | N/A |
| client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows remote attackers to cause a denial of service (application hang) via an HTTP header containing only a ":" (colon), possibly leading to an integer signedness error due to a missing field name or value. | |||||
| CVE-1999-0001 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. | |||||
| CVE-2006-4340 | 1 Mozilla | 4 Firefox, Network Security Services, Seamonkey and 1 more | 2025-04-03 | 4.0 MEDIUM | N/A |
| Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. | |||||
| CVE-2002-2237 | 1 Tftp | 1 Tftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux. | |||||
| CVE-2005-2177 | 1 Net-snmp | 1 Net-snmp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop. | |||||
| CVE-2005-0200 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
| TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2004-1386. | |||||