Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0879 | 2 Bsdi, Caldera | 2 Bsd Os, Openlinux | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file. | |||||
| CVE-2005-4054 | 1 Pluggedout | 1 Pluggedout Blog | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid, (2) entryid, (3) year, (4) month, and (5) day parameter. | |||||
| CVE-2006-0250 | 1 Carnegie Mellon University | 1 Snmptrapd | 2025-04-03 | 6.4 MEDIUM | N/A |
| Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162. | |||||
| CVE-2005-4784 | 1 Austin Group | 1 Posix | 2025-04-03 | 5.6 MEDIUM | N/A |
| Multiple buffer overflows in the POSIX readdir_r function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via (1) a symlink attack that exploits a race condition between opendir and pathcon calls and changes the filesystem to one with a larger maximum directory-entry name length, or (2) possibly via programmer-introduced errors on operating systems with a small struct dirent, such as Solaris or BeOS, as demonstrated in packages including (a) gcj, (b) KDE, (c) libwww, (d) the Rudiments library, (e) teTeX, (f) xmail, (g) bfbtester, (h) ncftp, (i) netwib, (j) OpenOffice.org, (k) Pike, (l) reprepro, (m) Tcl, and (n) xgsmlib. | |||||
| CVE-2003-0739 | 1 Vmware | 1 Workstation | 2025-04-03 | 4.6 MEDIUM | N/A |
| VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. | |||||
| CVE-2005-2168 | 1 Frozenplague.net | 1 Plague News System | 2025-04-03 | 5.0 MEDIUM | N/A |
| delete.php in Plague News System 0.6 and earlier allows remote unauthenticated attackers to delete news, comments, and shoutbox posts by modifying the id parameter. | |||||
| CVE-2001-1497 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | 2.1 LOW | N/A |
| Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | |||||
| CVE-2004-0927 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2025-04-03 | 5.0 MEDIUM | N/A |
| ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions. | |||||
| CVE-2005-4662 | 1 Ocomon | 1 Ocomon | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in OcoMon 1.20, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via unknown attack vectors in an unspecified input form, a different vulnerability than CVE-2005-4664. | |||||
| CVE-1999-1088 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | |||||
| CVE-2000-0940 | 1 Metertek | 1 Pagelog.cgi | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter. | |||||
| CVE-2006-4478 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote attackers to execute arbitrary SQL commands via the groupname parameter. | |||||
| CVE-2006-0906 | 1 Top Line | 1 D3jeeb Pro | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in D3Jeeb Pro 3 allows remote attackers to execute arbitrary SQL commands via the catid parameter in (1) fastlinks.php and (2) catogary.php. | |||||
| CVE-2005-4226 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple "potential" SQL injection vulnerabilities in phpWebThings 1.4 Patched might allow remote attackers to execute arbitrary SQL commands via (1) the ref parameter in download.php, (2) the direction, msg, sforum, reason, subname, and toform parameters in forum.php, (3) the msg and forum parameters in forum_edit.php, (4) the msg and forum parameters in forum_write.php, (5) the tekst parameter in guestbook.php, (6) the menuoption parameter in index.php, and the (7) sel_avatar parameter in myaccount.php. NOTE: the forum.php/forum vector is already identified by CVE-2005-3585. | |||||
| CVE-2005-2551 | 1 Novell | 1 Edirectory | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors. | |||||
| CVE-2006-0739 | 1 Estara | 1 Softphone | 2025-04-03 | 5.0 MEDIUM | N/A |
| eStara SIP softphone allows remote attackers to cause a denial of service (crash) via an INVITE request with a Content-Length field that has more than 9 digits. | |||||
| CVE-2004-0698 | 1 4d | 1 Webstar | 2025-04-03 | 3.6 LOW | N/A |
| 4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack. | |||||
| CVE-2005-0234 | 1 Apple | 1 Safari | 2025-04-03 | 5.0 MEDIUM | N/A |
| The International Domain Name (IDN) support in Safari 1.2.5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | |||||
| CVE-2004-1779 | 1 Thwboard | 1 Thwboard Beta | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in board.php for ThWboard before beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the lastvisited parameter. | |||||
| CVE-2006-4860 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in (1) index.php, (2) minixml.inc.php, (3) doc.inc.php, (4) element.inc.php, (5) node.inc.php, (6) treecomp.inc.php, (7) forum.html.php, (8) forum.php, (9) antihack.php, (10) content.php, (11) initglobals.php, and (12) imanager.php in Limbo (aka Lite Mambo) CMS 1.0.4.2 before 20060311 have unknown impact and attack vectors. | |||||