Total: 29554 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1492 | 1 Gossamer Threads | 2 Gossamer Threads Links, Gossamer Threads Links-sql | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | |||||
CVE-2005-1393 | 1 Esri | 1 Arcinfo Workstation | 2025-04-03 | 4.6 MEDIUM | N/A |
Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery. | |||||
CVE-2005-2694 | 1 Winace | 1 Winace | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, allows remote attackers to execute arbitrary code via a temporary (.tmp) file that contains an entry with a long file name. | |||||
CVE-2000-1041 | 1 Swen Thuemmler | 1 Ypbind | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges. | |||||
CVE-2005-4419 | 1 Quicksquare Development | 2 Honeycomb Archive, Honeycomb Archive Enterprise | 2025-04-03 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in CategoryResults.cfm in Honeycomb Archive and Honeycomb Archive Enterprise 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) series, (2) cat_parent, (3) cat, and (4) div parameters. | |||||
CVE-2004-2414 | 1 Novell | 1 Netware | 2025-04-03 | 2.1 LOW | N/A |
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. | |||||
CVE-2004-1018 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2025-04-03 | 10.0 HIGH | N/A |
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | |||||
CVE-2003-0806 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code. | |||||
CVE-2006-4417 | 1 Xoops | 1 Xoops | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in edituser.php in Xoops before 2.0.15 allows remote attackers to execute arbitrary SQL commands via the user_avatar parameter. | |||||
CVE-2005-3043 | 1 Mall23 | 1 Mall23 | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter. | |||||
CVE-2005-1603 | 1 Niteenterprises | 1 Remote File Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
NiteEnterprises Remote File Manager 1.0 allows remote attackers to cause a denial of service (crash) via a crafted string to TCP port 7080. | |||||
CVE-2006-4086 | 1 Ozjournals | 1 Ozjournals | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Elaine Aquino Online Zone Journals (OZJournals) 1.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
CVE-2003-0972 | 1 Gnu | 1 Screen | 2025-04-03 | 10.0 HIGH | N/A |
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow. | |||||
CVE-2003-0946 | 1 Clam Anti-virus | 1 Clamav | 2025-04-03 | 7.5 HIGH | N/A |
Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command. | |||||
CVE-2004-0982 | 1 Mpg123 | 1 Mpg123 | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL. | |||||
CVE-2003-0203 | 2 Moxftp, Xftp | 2 Moxftp, Xftp | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner. | |||||
CVE-2004-2077 | 1 Nadeo | 3 Game Engine, Trackmania, Virtual Skipper | 2025-04-03 | 5.0 MEDIUM | N/A |
Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 allows remote attackers to cause a denial of service (server crash) via malformed data to TCP port 2350, possibly due to long values or incorrect size fields. | |||||
CVE-2001-1288 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 2.1 LOW | N/A |
Windows 2000 and Windows NT allow local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe. | |||||
CVE-1999-0901 | 1 Linux-nis | 1 Ypserv | 2025-04-03 | 7.2 HIGH | N/A |
ypserv allows a local user to modify the GECOS and login shells of other users. | |||||
CVE-2005-0414 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter. |