Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0834 | 1 Belkin | 1 Belkin 54g Wireless Router | 2025-04-03 | 5.0 MEDIUM | N/A |
| Belkin 54G (F5D7130) wireless router enables SNMP by default in a manner that allows remote attackers to obtain sensitive information. | |||||
| CVE-2004-1311 | 1 Mplayer | 1 Mplayer | 2025-04-03 | 10.0 HIGH | N/A |
| Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. | |||||
| CVE-2006-3726 | 1 Intervations | 1 Filecopa | 2025-04-03 | 6.5 MEDIUM | N/A |
| Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th July 2006, allows remote authenticated attackers to execute arbitrary code via a long argument to the LIST command. | |||||
| CVE-2002-0312 | 1 Essen | 1 Essentia Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2005-1675 | 1 Groove | 2 Groove Workspace, Virtual Office | 2025-04-03 | 4.6 MEDIUM | N/A |
| Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information. | |||||
| CVE-2004-1151 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges. | |||||
| CVE-2004-1888 | 1 Aborior | 1 Encore Web Forum | 2025-04-03 | 7.5 HIGH | N/A |
| display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable. | |||||
| CVE-2005-3790 | 1 Phpwcms | 1 Phpwcms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters. | |||||
| CVE-2006-1774 | 1 Hp | 2 Compaqhttpserver, System Management Homepage | 2025-04-03 | 7.5 HIGH | N/A |
| HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL. | |||||
| CVE-2004-0647 | 1 Shorewall | 1 Shorewall | 2025-04-03 | 4.6 MEDIUM | N/A |
| shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file. | |||||
| CVE-1999-0163 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | 7.2 HIGH | N/A |
| In older versions of Sendmail, an attacker could use a pipe character to execute root commands. | |||||
| CVE-2004-2518 | 1 Geeos Team | 1 Gattaca Server 2003 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via (1) a trailing null byte ("%00") to a URL or (2) an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message. | |||||
| CVE-2002-2133 | 1 Telindus | 1 1120 Adsl Router | 2025-04-03 | 10.0 HIGH | N/A |
| Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password. | |||||
| CVE-2006-0792 | 1 V-webmail | 1 V-webmail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in preferences.personal.php in V-webmail 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the newid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2002-1855 | 1 Macromedia | 1 Jrun | 2025-04-03 | 5.0 MEDIUM | N/A |
| Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
| CVE-2004-1400 | 1 Active Server Corner | 1 Asp Calendar | 2025-04-03 | 7.5 HIGH | N/A |
| The control panel in ASP Calendar does not require authentication to access, which allows remote attackers to gain unauthorized access via a direct request to main.asp. | |||||
| CVE-2006-2974 | 1 Emailarchitect | 1 Email Server | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp. | |||||
| CVE-1999-0343 | 1 Palace | 1 Palace Client | 2025-04-03 | 5.1 MEDIUM | N/A |
| A malicious Palace server can force a client to execute arbitrary programs. | |||||
| CVE-2005-1659 | 1 Myserver | 1 Myserver | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event. | |||||
| CVE-2006-3667 | 1 Sybase | 1 Financial Fusion Consumer Banking Solution | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706 has unknown impact and remote attack vectors. | |||||