Total
29483 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1194 | 1 Lucasarts | 1 Star Wars Battlefront | 2025-04-03 | 5.0 MEDIUM | N/A |
Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname. | |||||
CVE-2006-1287 | 1 Invision Power Services | 1 Invision Power Board | 2025-04-03 | 5.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060130 allows remote attackers to steal cookies and probably conduct other activities when the victim is using Internet Explorer. | |||||
CVE-2003-0955 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow. | |||||
CVE-2006-3276 | 1 Realnetworks | 1 Helix Dna Server | 2025-04-03 | 7.5 HIGH | N/A |
Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes". | |||||
CVE-2005-0186 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port. | |||||
CVE-2004-1658 | 1 Kerio | 1 Personal Firewall | 2025-04-03 | 4.6 MEDIUM | N/A |
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable. | |||||
CVE-2003-1118 | 1 University Of California | 1 Seti At Home | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a denial of service (client crash) and execute arbitrary code via a spoofed server response containing a long string followed by a \n (newline) character. | |||||
CVE-2002-0284 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 2.6 LOW | N/A |
Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname. | |||||
CVE-2005-2256 | 1 Phppgadmin | 1 Phppgadmin | 2025-04-03 | 5.0 MEDIUM | N/A |
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter. | |||||
CVE-2002-1457 | 1 Leszek Krupinski | 1 L-forum | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter. | |||||
CVE-2002-1182 | 1 Microsoft | 1 Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned. | |||||
CVE-2002-0238 | 1 Netgear | 1 Rt314 | 2025-04-03 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script. | |||||
CVE-2005-2616 | 1 Ezupload | 1 Ezupload | 2025-04-03 | 7.5 HIGH | N/A |
Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php. | |||||
CVE-2005-0752 | 1 Mozilla | 1 Firefox | 2025-04-03 | 7.5 HIGH | N/A |
The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag. | |||||
CVE-2005-2412 | 1 Php Firstpost | 1 Php Firstpost | 2025-04-03 | 5.0 MEDIUM | N/A |
PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter. | |||||
CVE-2003-1107 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | 5.1 MEDIUM | N/A |
The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions. | |||||
CVE-2002-1654 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2025-04-03 | 7.5 HIGH | N/A |
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection. | |||||
CVE-2002-0664 | 1 Granite Software | 1 Zmerge | 2025-04-03 | 7.5 HIGH | N/A |
The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts. | |||||
CVE-2001-0495 | 1 Datawizard | 1 Webxq | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal in DataWizard WebXQ server 1.204 allows remote attackers to view files outside of the web root via a .. (dot dot) attack. | |||||
CVE-2000-1027 | 1 Cisco | 1 Pix Firewall Software | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established. | |||||