Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2980 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter. | |||||
| CVE-2002-0115 | 1 Martin Roesch | 1 Snort | 2025-04-03 | 5.0 MEDIUM | N/A |
| Snort 1.8.3 does not properly define the minimum ICMP header size, which allows remote attackers to cause a denial of service (crash and core dump) via a malformed ICMP packet. | |||||
| CVE-2006-0456 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2002-1123 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow. | |||||
| CVE-2005-4775 | 1 Michael Scholz | 1 Contineo | 2025-04-03 | 5.0 MEDIUM | N/A |
| Michael Scholz and Sebastian Stein Contineo 2.0, when the admin account lacks an e-mail address attribute, displays the password hash in a warning upon page reload, which might allow remote attackers to view the hash. | |||||
| CVE-2006-1225 | 1 Drupal | 1 Drupal | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject headers of outgoing e-mail messages and use Drupal as a spam proxy. | |||||
| CVE-2006-0921 | 1 Fckeditor | 1 Fckeditor | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote attackers to list and create arbitrary directories via a .. (dot dot) in the CurrentFolder parameter to (1) GetFoldersAndFiles and (2) CreateFolder. | |||||
| CVE-2004-1121 | 1 Apple | 1 Safari | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags. | |||||
| CVE-2000-1180 | 1 Oracle | 1 Oracle8i | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument. | |||||
| CVE-2006-1618 | 1 Doomsday | 1 Doomsday | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments. | |||||
| CVE-2006-4260 | 1 Jake Olefsky | 1 Fotopholder | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Fotopholder 1.8 allows remote attackers to read arbitrary directories or files via a .. (dot dot) in the path parameter. | |||||
| CVE-2006-2252 | 1 Openfaq | 1 Openfaq | 2025-04-03 | 6.4 MEDIUM | N/A |
| Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2004-1009 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
| CVE-2005-3246 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference) via unknown vectors in the (1) SCSI, (2) sFlow, or (3) RTnet dissectors. | |||||
| CVE-2006-4142 | 1 Vwar | 1 Virtual War | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in extra/online.php in Virtual War (VWar) 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter. | |||||
| CVE-2006-4770 | 1 Miniportal | 1 Miniportal | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in menu.php in MiniPort@l 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skiny parameter. | |||||
| CVE-2003-0324 | 1 Epic | 1 Epic4 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly handled by the (1) userhost_cmd_returned function, or (2) Statusbar capability. | |||||
| CVE-2005-2287 | 1 Softiacom | 1 Wmailserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a denial of service (application crash) via a large TCP packet with a leading space, possibly triggering a buffer overflow. | |||||
| CVE-2005-2564 | 1 Gravity Board X Development Team | 1 Gravity Board X | 2025-04-03 | 7.5 HIGH | N/A |
| Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file. | |||||
| CVE-2005-1113 | 1 Phpbb Group | 1 Phpbb Plus | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 and earlier allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) groupcp.php, (2) index.php, (3) portal.php, (4) viewforum.php, or (5) viewtopic.php, (6) the c parameter to index.php, or (7) the article parameter to portal.php. | |||||