Total: 29483 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1878 | 1 Giptables | 1 Giptables Firewall | 2025-04-03 | 1.2 LOW | N/A |
GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file. | |||||
CVE-2001-0963 | 1 Pi-soft | 1 Spoonftp | 2025-04-03 | 7.5 HIGH | N/A |
Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command. | |||||
CVE-2000-0761 | 1 Ibm | 1 Os2 Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username. | |||||
CVE-2005-4430 | 1 Logicnow | 1 Logicbill | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in LogicBill 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) __mode and (2) __id parameters to helpdesk.php. | |||||
CVE-2002-1586 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference. | |||||
CVE-2006-0691 | 1 Scheduling Management.com | 1 Time Tracking Software | 2025-04-03 | 5.0 MEDIUM | N/A |
edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account. | |||||
CVE-2005-1142 | 1 Gocr | 1 Optical Character Recognition Utility | 2025-04-03 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values. | |||||
CVE-2006-4374 | 1 Irfanview | 1 Irfanview | 2025-04-03 | 2.6 LOW | N/A |
IrfanView 3.98 (with plugins) allows user-assisted attackers to cause a denial of service (application crash) via a crafted ANI image file, possibly due to a buffer overflow. | |||||
CVE-2004-0429 | 1 Apple | 1 Mac Os X | 2025-04-03 | 10.0 HIGH | N/A |
Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors. | |||||
CVE-2005-1596 | 1 Fusion | 1 Sbx | 2025-04-03 | 10.0 HIGH | N/A |
index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter. | |||||
CVE-2005-0016 | 1 Gatos | 1 Gatos | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in the exported_display function in xatitv in gatos before 0.0.5 allows local users to execute arbitrary code. | |||||
CVE-2002-1687 | 1 Ibm | 1 Aix | 2025-04-03 | 2.1 LOW | N/A |
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable. | |||||
CVE-2004-1637 | 1 Hawking Technology | 1 Har11a Dsl Router | 2025-04-03 | 7.5 HIGH | N/A |
The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information by connecting to port 254, which displays a management interface and information on established connections. | |||||
CVE-1999-0166 | 1 Sun | 1 Nfs | 2025-04-03 | 5.0 MEDIUM | N/A |
NFS allows users to use a "cd .." command to access other directories besides the exported file system. | |||||
CVE-2002-0343 | 1 Hotline Communications | 1 Hotline Connect | 2025-04-03 | 4.6 MEDIUM | N/A |
Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords. | |||||
CVE-2005-3090 | 1 Mantis | 1 Mantis | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the summary of the bug, which is not quoted when view_all_bug_page.php is used to delete the bug, as identified by bug#0006002, a different vulnerability than CVE-2005-2557. | |||||
CVE-1999-0504 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 7.5 HIGH | N/A |
A Windows NT local user or administrator account has a default, null, blank, or missing password. | |||||
CVE-2004-2169 | 1 A-a-s Application Access Server | 1 A-a-s Application Access Server | 2025-04-03 | 2.1 LOW | N/A |
Application Access Server (A-A-S) 1.0.37 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long file request. | |||||
CVE-2005-0937 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 1.2 LOW | N/A |
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions. | |||||
CVE-2005-0423 | 1 Aspjar | 1 Aspjar Guestbook | 2025-04-03 | 5.0 MEDIUM | N/A |
SQL injection vulnerability in login.asp in ASPjar Guestbook allows remote attackers to execute arbitrary SQL commands via the password field. |