Total: 29553 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0810 | 1 Cgi Script Center | 1 Auction Weaver | 2025-04-03 | 7.5 HIGH | N/A |
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | |||||
CVE-2000-1075 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. | |||||
CVE-2004-0493 | 5 Apache, Avaya, Gentoo and 2 more | 8 Http Server, Converged Communications Server, S8300 and 5 more | 2025-04-03 | 6.4 MEDIUM | N/A |
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. | |||||
CVE-2006-4866 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 4.6 MEDIUM | N/A |
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument. | |||||
CVE-2005-4163 | 1 Milky | 1 Captcha Php | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in captcha.php in Captcha PHP 0.9 allows remote attackers to read arbitrary files via the _tcf parameter. | |||||
CVE-2002-1034 | 1 Sun | 1 I-runbook | 2025-04-03 | 10.0 HIGH | N/A |
none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument. | |||||
CVE-2003-0881 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.5 HIGH | N/A |
Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password. | |||||
CVE-2006-3125 | 1 Gtetrinet | 1 Gtetrinet | 2025-04-03 | 7.5 HIGH | N/A |
Array index error in tetrinet.c in gtetrinet 0.7.8 and earlier allows remote attackers to execute arbitrary code via a packet specifying a negative number of players, which is used as an array index. | |||||
CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
The rwho/rwhod service is running, which exposes machine status and user information. | |||||
CVE-1999-0641 | | | 2025-04-03 | N/A | N/A |
The UUCP service is running. | |||||
CVE-2006-4735 | 1 Kellan Elliott-mccrea | 1 Magpierss | 2025-04-03 | 5.0 MEDIUM | N/A |
Kellan Elliott-McCrea MagpieRSS allows remote attackers to obtain sensitive information via a direct request for (1) rss_fetch.inc.php or (2) rss_parse.inc.php, which reveals the path in various error messages. | |||||
CVE-2002-2003 | 1 Compaq | 1 Tru64 | 2025-04-03 | 5.0 MEDIUM | N/A |
ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap. | |||||
CVE-2006-1118 | 1 Bmail | 1 Bmail | 2025-04-03 | 5.0 MEDIUM | N/A |
SQL injection vulnerability in bmail before Aardvark PR9.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving GBK character sets. | |||||
CVE-2002-1504 | 1 Radiobird Software | 1 Webserver 4 Everyone | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a URL. | |||||
CVE-2005-3293 | 1 Xerver | 1 Xerver | 2025-04-03 | 5.0 MEDIUM | N/A |
Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a trailing "." (dot) or (2) list directory contents via a trailing null character. | |||||
CVE-2004-0055 | 1 Lbl | 1 Tcpdump | 2025-04-03 | 5.0 MEDIUM | N/A |
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value. | |||||
CVE-2001-1033 | 1 Compaq | 2 Tru64, Trucluster | 2025-04-03 | 5.0 MEDIUM | N/A |
Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state. | |||||
CVE-2002-0845 | 1 Iplanet | 1 Iplanet Web Server | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding. | |||||
CVE-2005-0398 | 6 Altlinux, Ipsec-tools, Kame and 3 more | 7 Alt Linux, Ipsec-tools, Racoon and 4 more | 2025-04-03 | 5.0 MEDIUM | N/A |
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. | |||||
CVE-2005-4216 | 1 Macromedia | 1 Flash Media Server | 2025-04-03 | 7.8 HIGH | N/A |
The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote attackers to cause a denial of service (application crash) via a malformed request with a single character to port 1111. |