Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2096 | 1 Zlib | 1 Zlib | 2025-04-03 | 7.5 HIGH | N/A |
| zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file. | |||||
| CVE-2001-0413 | 1 Bintec | 3 X1000, X1200, X4000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| BinTec X4000 Access router, and possibly other versions, allows remote attackers to cause a denial of service via a SYN port scan, which causes the router to hang. | |||||
| CVE-2005-4371 | 1 Acidcat | 1 Acidcat | 2025-04-03 | 5.0 MEDIUM | N/A |
| Acidcat 2.1.13 and earlier stores the database under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a request to databases/acidcat.mdb. | |||||
| CVE-2001-1441 | 1 Ibm | 1 Visualage For Java | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message. | |||||
| CVE-2003-0235 | 1 Mirabilis | 1 Icq | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command. | |||||
| CVE-2006-1229 | 1 Hosting Controller | 1 Hosting Controller | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-2888 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) Preview Release 2 allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter to misc.php or (2) Content-Disposition field in the HTTP header to newreply.php. | |||||
| CVE-2004-0454 | 1 Rlpr | 1 Rlpr | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code. | |||||
| CVE-2006-0912 | 1 Oreka | 1 Oreka | 2025-04-03 | 5.0 MEDIUM | N/A |
| Oreka before 0.5 allows remote attackers to cause a denial of service (application crash) via a "certain RTP sequence." | |||||
| CVE-2003-0360 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2005-2359 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session. | |||||
| CVE-2006-4898 | 1 Guanxicrm | 1 Guanxicrm Business Solution | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/phpxd/phpXD.php in guanxiCRM 0.9.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appconf[rootpath] parameter. | |||||
| CVE-2002-0005 | 1 Aol | 1 Instant Messenger | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via a long argument in a game request (AddGame). | |||||
| CVE-2005-3519 | 1 Mysource | 1 Mysource | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP file inclusion vulnerabilities in MySource 2.14.0 allow remote attackers to execute arbitrary PHP code and include arbitrary local files via the (1) INCLUDE_PATH and (2) SQUIZLIB_PATH parameters in new_upgrade_functions.php, (3) the INCLUDE_PATH parameter in init_mysource.php, and the PEAR_PATH parameter in (4) Socket.php, (5) Request.php, (6) Mail.php, (7) Date.php, (8) Span.php, (9) mimeDecode.php, and (10) mime.php. | |||||
| CVE-2002-0242 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. | |||||
| CVE-2006-2813 | 1 Ishopcart | 1 Ishopcart | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. (dot dot) in the query string. | |||||
| CVE-2005-2145 | 1 Prevx | 1 Prevx Pro 2005 | 2025-04-03 | 4.6 MEDIUM | N/A |
| The kernel driver in Prevx Pro 2005 1.0 does not verify the source of certain messages, which allows local users to bypass protection by sending certain messages to the driver, as demonstrated by sending an "allow" message to bypass a warning message. | |||||
| CVE-2004-2309 | 1 Crob | 1 Crob Ftp Server | 2025-04-03 | 2.1 LOW | N/A |
| Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command. | |||||
| CVE-2000-0475 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 4.6 MEDIUM | N/A |
| Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability. | |||||
| CVE-2001-0289 | 1 Joseph Allen | 1 Joe | 2025-04-03 | 4.6 MEDIUM | N/A |
| Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory. | |||||