Total
11506 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0748 | 1 Acme Labs | 1 Acme Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. | |||||
| CVE-2005-1628 | 1 Web-app.org | 1 Webapp | 2025-04-03 | 7.5 HIGH | N/A |
| apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. | |||||
| CVE-2006-0914 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 5.5 MEDIUM | N/A |
| Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the mostfreqthreshold parameter in duplicates.cgi, which allows remote attackers to trigger a SQL error. | |||||
| CVE-1999-0995 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 7.8 HIGH | N/A |
| Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request." | |||||
| CVE-2004-2596 | 1 Id Software | 1 Quake Ii Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address. | |||||
| CVE-2006-4541 | 1 Iss | 1 Blackice Pc Protection | 2025-04-03 | 4.6 MEDIUM | N/A |
| RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected. | |||||
| CVE-1999-0721 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 7.8 HIGH | N/A |
| Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. | |||||
| CVE-2006-1626 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2025-04-03 | 4.3 MEDIUM | N/A |
| Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192. | |||||
| CVE-2005-1787 | 1 Phpstat | 1 Phpstat | 2025-04-03 | 7.5 HIGH | N/A |
| setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable. | |||||
| CVE-2005-1330 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.9 MEDIUM | N/A |
| AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. | |||||
| CVE-2005-3467 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE: it is not clear whether items (2) and above are vulnerabilities. | |||||
| CVE-1999-1547 | 1 Oracle | 1 Web Listener | 2025-04-03 | 7.5 HIGH | N/A |
| Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent. | |||||
| CVE-2006-2920 | 2 Sylpheed, Sylpheed-claws | 2 Sylpheed, Sylpheed-claws | 2025-04-03 | 2.6 LOW | N/A |
| Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character. | |||||
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2025-04-03 | 2.1 LOW | N/A |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2006-4935 | 1 Moodle | 1 Moodle | 2025-04-03 | 10.0 HIGH | N/A |
| The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspecified impact and remote attack vectors. | |||||
| CVE-2006-1528 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space. | |||||
| CVE-2006-0884 | 1 Mozilla | 1 Thunderbird | 2025-04-03 | 9.3 HIGH | N/A |
| The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail. | |||||
| CVE-2003-1003 | 1 Cisco | 2 Pix Firewall, Pix Firewall Software | 2025-04-03 | 7.8 HIGH | N/A |
| Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | |||||
| CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2025-04-03 | 7.8 HIGH | N/A |
| Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | |||||
| CVE-2004-1386 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
| TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. | |||||