Total
29554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0882 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php. | |||||
| CVE-2006-2292 | 1 Inhouse Associates | 1 Ia-calendar | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in IA-Calendar allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in (a) calendar_new.asp and (b) default.asp, and (2) ID parameter in (c) calendar_detail.asp. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2004-2394 | 1 Mandrakesoft | 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall | 2025-04-03 | 2.1 LOW | N/A |
| Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. | |||||
| CVE-2001-0579 | 1 Sco | 1 Openserver | 2025-04-03 | 7.5 HIGH | N/A |
| lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command. | |||||
| CVE-2004-0130 | 1 Phpgedview | 1 Phpgedview | 2025-04-03 | 5.0 MEDIUM | N/A |
| login.php in phpGedView 2.65 and earlier allows remote attackers to obtain sensitive information via an HTTP request to login.php that does not contain the required username or password parameters, which causes the information to be leaked in an error message. | |||||
| CVE-2002-1050 | 1 Hylafax | 1 Hylafax | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data. | |||||
| CVE-2006-2419 | 1 Php | 1 Directory Listing Script | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | |||||
| CVE-2001-1240 | 1 Engardelinux | 1 Secure Linux | 2025-04-03 | 10.0 HIGH | N/A |
| The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access. | |||||
| CVE-2002-1396 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2006-1595 | 1 Claroline | 1 Claroline | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in document/rqmkhtml.php in Claroline 1.7.4 and earlier allows remote attackers to read arbitrary files via ".." sequences in the file parameter in a rqEditHtml command. | |||||
| CVE-2005-4016 | 1 Widget Press | 1 Widget Property | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Widget Property 1.1.19 allows remote attackers to execute arbitrary SQL commands via the (1) property_id, (2) zip_code, (3) property_type_id, (4) price, and (5) city_id parameters to property.php. | |||||
| CVE-1999-0242 | 1 Slackware | 1 Slackware Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords. | |||||
| CVE-2000-0991 | 1 Hilgraeve | 1 Hyperterminal | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ME, and 2000 allows remote attackers to execute arbitrary commands via a long telnet URL, aka the "HyperTerminal Buffer Overflow" vulnerability. | |||||
| CVE-2004-0298 | 1 Aclogic | 1 Cesarftp | 2025-04-03 | 5.0 MEDIUM | N/A |
| CesarFTP 0.99e allows remote attackers to cause a denial of service (CPU consumption) via a long RETR parameter. | |||||
| CVE-2001-1207 | 1 Daydream | 1 Daydream Bbs | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA. | |||||
| CVE-2002-1556 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR). | |||||
| CVE-2006-3427 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference. | |||||
| CVE-2001-0407 | 1 Oracle | 1 Mysql | 2025-04-03 | 4.6 MEDIUM | N/A |
| Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). | |||||
| CVE-2000-0056 | 1 Ipswitch | 1 Imail | 2025-04-03 | 5.0 MEDIUM | N/A |
| IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi. | |||||
| CVE-2005-2979 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpoutsourcing Noah's classifieds allows remote attackers to execute arbitrary SQL commands via the rollid parameter. | |||||