Total
29548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0642 | 1 Itafrica | 1 Webactive | 2025-04-03 | 5.0 MEDIUM | N/A |
| The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page. | |||||
| CVE-2005-4172 | 1 Efiction Project | 1 Efiction | 2025-04-03 | 5.0 MEDIUM | N/A |
| eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leaks the full pathname in the resulting PHP error message. | |||||
| CVE-2004-1142 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | |||||
| CVE-2002-0968 | 1 Analogx | 1 Simpleserver Www | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name. | |||||
| CVE-2005-0852 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | 2.1 LOW | N/A |
| Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty datagram to a raw IP over IP socket (IP protocol 4), as originally demonstrated using code in Python 2.3. | |||||
| CVE-2001-1540 | 1 David F. Mischler | 1 Iproute | 2025-04-03 | 5.0 MEDIUM | N/A |
| IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header. | |||||
| CVE-2005-3280 | 1 Paros | 1 Paros | 2025-04-03 | 7.5 HIGH | N/A |
| Paros 3.2.5 uses a default password for the "sa" account in the underlying HSQLDB database and does not restrict access to the local machine, which allows remote attackers to gain privileges. | |||||
| CVE-2004-0795 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. | |||||
| CVE-2002-1885 | 1 Powerphlogger | 1 Powerphlogger | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter. | |||||
| CVE-1999-0883 | 1 Zeus Technologies | 1 Zeus Web Server | 2025-04-03 | 10.0 HIGH | N/A |
| Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. | |||||
| CVE-2005-0933 | 1 Coinsoft Technologies | 1 Phpcoin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter. | |||||
| CVE-2005-1117 | 1 All4www | 1 All4www-homepagecreator | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in All4WWW-Homepagecreator 1.0a allows remote attackers to execute arbitrary PHP code by modifying the site parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-4721 | 1 The Media Shoppe Berhad | 1 Tmspublisher | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER 3.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2002-1109 | 1 Amavis | 1 Virus Scanner | 2025-04-03 | 2.1 LOW | N/A |
| securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter. | |||||
| CVE-2005-4146 | 1 Lyris Technologies Inc | 1 Listmanager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lyris ListManager before 8.9b allows remote attackers to obtain sensitive information via a request to the TCLHTTPd status module, which provides sensitive server configuration information. | |||||
| CVE-2005-3012 | 1 Simplecdr-x | 1 Simplecdr-x | 2025-04-03 | 2.1 LOW | N/A |
| The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images. | |||||
| CVE-2000-1013 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
| The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||||
| CVE-2002-1165 | 2 Netbsd, Sendmail | 2 Netbsd, Sendmail | 2025-04-03 | 4.6 MEDIUM | N/A |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | |||||
| CVE-2005-4584 | 1 Bzflag | 1 Bzflag Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| BZFlag server 2.0.4 and earlier allows remote attackers to cause a denial of service (application crash) via a callsign that is not followed by a NULL (\0) character. | |||||
| CVE-2006-1634 | 1 Lucidcms | 1 Lucidcms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in LucidCMS 2.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the command parameter. | |||||