Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0396 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment. | |||||
| CVE-2005-0243 | 1 Yahoo | 1 Messenger | 2025-04-03 | 5.0 MEDIUM | N/A |
| Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file extensions. | |||||
| CVE-1999-1167 | 1 Third Voice | 1 Third Voice Web | 2025-04-03 | 6.4 MEDIUM | N/A |
| Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation. | |||||
| CVE-2005-4421 | 1 Dev-editor | 1 Dev-editor | 2025-04-03 | 7.5 HIGH | N/A |
| Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name. | |||||
| CVE-2006-4007 | 1 Knusperleicht | 1 Knusperleicht Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter. | |||||
| CVE-2003-0061 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. | |||||
| CVE-2003-1252 | 1 Kelli Shaver | 1 S8forum | 2025-04-03 | 7.5 HIGH | N/A |
| register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using a "system($cmd)" E-mail address with a "any_name.php" username. | |||||
| CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | |||||
| CVE-2004-2259 | 1 Beasts | 1 Vsftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. | |||||
| CVE-1999-0635 | 2025-04-03 | N/A | N/A | ||
| The echo service is running. | |||||
| CVE-2005-1871 | 1 Drupal | 1 Drupal | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly." | |||||
| CVE-2006-4222 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.0.2.13 have unspecified vectors and impact, including (1) an "authority problem" in ThreadIdentitySupport as identified by PK25199, and "Potential security exposure" issues as identified by (2) PK22747, (3) PK24334, (4) PK25740, and (5) PK26123. | |||||
| CVE-2001-0323 | 2025-04-03 | 6.4 MEDIUM | N/A | ||
| The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets between two target hosts, which could cause one host to lower its MTU when transmitting to the other host. | |||||
| CVE-2002-1891 | 1 Ayman Akt | 1 Ircit | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request. | |||||
| CVE-2005-0461 | 1 Leonard Richardson | 1 Newsbruiser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote attackers to "take actions on comments." | |||||
| CVE-2004-1605 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2025-04-03 | 7.5 HIGH | N/A |
| SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator. | |||||
| CVE-2002-1762 | 1 Microsoft | 1 Baseline Security Analyzer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans in a known location C:\Documents and Settings\username\SecurityScans in plaintext, which could allow remote attackers to obtain sensitive information about the system via malicious active content such as ActiveX controls or Java. | |||||
| CVE-2006-1570 | 1 Esqlanelapse | 1 Esqlanelapse | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | |||||
| CVE-2005-0667 | 5 Altlinux, Gentoo, Redhat and 2 more | 7 Alt Linux, Linux, Enterprise Linux and 4 more | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. | |||||
| CVE-2006-4132 | 1 Arcsoft | 1 Mms Composer | 2025-04-03 | 5.0 MEDIUM | N/A |
| ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote attackers to cause a denial of service (resource exhaustion and application crash) via WAPPush messages to UDP port UDP 2948. | |||||