Total
29539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1545 | 1 Ht Editor | 1 Ht Editor | 2025-04-03 | 5.1 MEDIUM | N/A |
| Integer overflow in the ELF parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted ELF file, which leads to a heap-based buffer overflow. | |||||
| CVE-1999-0203 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | 10.0 HIGH | N/A |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. | |||||
| CVE-1999-1504 | 1 Stalker | 1 Stalker Internet Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command. | |||||
| CVE-2005-4770 | 1 Accelerated Enterprise Solutions | 1 Accelerated E Solutions | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in an unspecified Accelerated Enterprise Solutions product, possibly Accelerated E Solutions, allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2001-0618 | 1 Lucent | 1 Orinoco Rg-1000 | 2025-04-03 | 7.5 HIGH | N/A |
| Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic. | |||||
| CVE-2005-3063 | 1 Unu Networks | 1 Mailgust | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MailGust 1.9 allows remote attackers to execute arbitrary SQL commands via the email field on the password reminder page. | |||||
| CVE-2004-1984 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.php, which reveal the full path in a PHP error message. | |||||
| CVE-2001-0547 | 1 Microsoft | 1 Isa Server | 2025-04-03 | 2.1 LOW | N/A |
| Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial of service (resource exhaustion). | |||||
| CVE-2000-0640 | 1 Steve Poulsen | 1 Guildftpd | 2025-04-03 | 7.5 HIGH | N/A |
| Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not. | |||||
| CVE-2004-0484 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 2.6 LOW | N/A |
| mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to cause a denial of service (crash) via a table containing a form that crosses multiple td elements, and whose "float: left" class is defined in a link to a CSS stylesheet after the end of the table, which may trigger a null dereference. | |||||
| CVE-2005-3144 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2025-04-03 | 5.0 MEDIUM | N/A |
| httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers. | |||||
| CVE-2006-0745 | 5 Mandrakesoft, Redhat, Sun and 2 more | 6 Mandrake Linux, Fedora Core, Solaris and 3 more | 2025-04-03 | 7.2 HIGH | N/A |
| X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. | |||||
| CVE-2004-2229 | 1 Oracle | 1 Database Server Lite | 2025-04-03 | 4.6 MEDIUM | N/A |
| Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. | |||||
| CVE-2005-3521 | 1 E107 | 1 E107 | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page. | |||||
| CVE-2002-1913 | 1 Myphpnuke | 1 Myphpnuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable. | |||||
| CVE-1999-1542 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A |
| RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command. | |||||
| CVE-2006-4831 | 1 Iodine | 1 Iodine | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "potential security problems." | |||||
| CVE-2002-0743 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
| mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. | |||||
| CVE-2000-0270 | 1 Gnu | 1 Emacs | 2025-04-03 | 3.6 LOW | N/A |
| The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | |||||
| CVE-2005-0473 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | |||||