Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2083 | 1 Andrew Tridgell | 1 Rsync | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow. | |||||
| CVE-2004-1522 | 1 3do | 1 Army Men Real Time Strategy Game | 2025-04-03 | 5.0 MEDIUM | N/A |
| Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service (application crash) via a nickname that contains format strings. | |||||
| CVE-2000-0102 | 1 Salescart | 1 Salescart | 2025-04-03 | 7.5 HIGH | N/A |
| The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2005-4634 | 1 Activecampaign | 1 Supporttrio | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information is unknown because the source URL is not available; the details are obtained solely from third party information. | |||||
| CVE-2006-0699 | 1 David Barrett | 1 Qwikiwiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows remote attackers to inject arbitrary web script or HTML via the query parameter. | |||||
| CVE-2004-0110 | 2 Sgi, Xmlsoft | 3 Propack, Libxml, Libxml2 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. | |||||
| CVE-2005-1949 | 1 E107 | 1 E107 | 2025-04-03 | 7.5 HIGH | N/A |
| The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter. | |||||
| CVE-1999-0895 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 7.5 HIGH | N/A |
| Firewall-1 does not properly restrict access to LDAP attributes. | |||||
| CVE-2004-1888 | 1 Aborior | 1 Encore Web Forum | 2025-04-03 | 7.5 HIGH | N/A |
| display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable. | |||||
| CVE-2004-1565 | 1 W-agora | 1 W-agora | 2025-04-03 | 5.0 MEDIUM | N/A |
| list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter. | |||||
| CVE-2006-2038 | 1 Amplecom | 1 Ampleshop | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) RecordID parameter in (a) Customeraddresses_RecordAction.cfm and (b) youraccount.cfm; (2) solus parameter in (c) detail.cfm; and (3) cat parameter in (d) category.cfm. | |||||
| CVE-2001-1443 | 1 Kth | 1 Kth Kerberos | 2025-04-03 | 5.0 MEDIUM | N/A |
| KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote attackers to read communications via a man-in-the-middle attack. | |||||
| CVE-2004-1347 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request. | |||||
| CVE-2005-1303 | 1 Citat.pl | 1 Citat.pl | 2025-04-03 | 7.5 HIGH | N/A |
| The citat.pl script allows remote attackers to read arbitrary files via a full pathname in the argument. | |||||
| CVE-2002-2026 | 1 Browseftp | 1 Browseftp Client | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply. | |||||
| CVE-2005-1084 | 1 Aewebworks | 1 Aedating | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter. | |||||
| CVE-2005-2441 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in VBzoom allow remote attackers to inject arbitrary web script and HTML via the (1) UserName parameter to profile.php or (2) UserID parameter to login.php. | |||||
| CVE-2004-0996 | 4 Cscope, Debian, Gentoo and 1 more | 4 Cscope, Debian Linux, Linux and 1 more | 2025-04-03 | 2.1 LOW | N/A |
| main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2000-0896 | 1 Watchguard | 1 Soho Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
| WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood of fragmented IP packets, which causes the firewall to drop connections and stop forwarding packets. | |||||
| CVE-2005-0293 | 1 Minis | 1 Minis | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the month parameter. | |||||