Total
29539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3888 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | 7.8 HIGH | N/A |
| Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet but does not free it after the packet has been dropped. | |||||
| CVE-2002-0058 | 2 Microsoft, Sun | 4 Virtual Machine, Jdk, Jre and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK. | |||||
| CVE-2004-1336 | 2 Debian, Gentoo | 2 Tetex-bin, Linux | 2025-04-03 | 2.1 LOW | N/A |
| The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2003-0856 | 1 Stephen Hemminger | 1 Iproute | 2025-04-03 | 4.9 MEDIUM | N/A |
| iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface. | |||||
| CVE-2004-1952 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password. | |||||
| CVE-2006-4240 | 1 Fusionphp | 1 Fusion News | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. | |||||
| CVE-2000-0349 | 1 Sco | 1 Unixware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service. | |||||
| CVE-2004-1720 | 1 Merak | 1 Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an exposure, since the path is leaked in web logs that may only be available to the administrators, who would have access to the path through legitimate means. | |||||
| CVE-2002-1146 | 1 Gnu | 1 Glibc | 2025-04-03 | 5.0 MEDIUM | N/A |
| The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). | |||||
| CVE-2006-0247 | 1 Netbula | 1 Anyboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in anyboard.cgi in Netbula Anyboard 9.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tK parameter in a find command. | |||||
| CVE-1999-0043 | 6 Bsdi, Caldera, Isc and 3 more | 7 Bsd Os, Openlinux, Inn and 4 more | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. | |||||
| CVE-2000-1093 | 1 Aol | 1 Instant Messenger | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command. | |||||
| CVE-2002-0094 | 1 Fraunhofer Fit | 1 Bscw | 2025-04-03 | 7.5 HIGH | N/A |
| config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion. | |||||
| CVE-2005-4722 | 1 The Media Shoppe Berhad | 1 Tmspublisher | 2025-04-03 | 5.0 MEDIUM | N/A |
| _Request_Message.cfm in tmsPUBLISHER 3.3 allows remote attackers to obtain sensitive information via an invalid id argument to pagename.cfm, which reveals the installation path in an error message. | |||||
| CVE-1999-0095 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | 10.0 HIGH | N/A |
| The debug command in Sendmail is enabled, allowing attackers to execute commands as root. | |||||
| CVE-2002-0164 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2025-04-03 | 4.6 MEDIUM | N/A |
| Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges. | |||||
| CVE-2004-2131 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. | |||||
| CVE-2004-1718 | 1 Pedestal Software | 1 Integrity Protection Driver | 2025-04-03 | 2.1 LOW | N/A |
| The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. | |||||
| CVE-2000-0838 | 1 Fastream | 1 Fur Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request. | |||||
| CVE-2006-1072 | 1 Simplog | 1 Simplog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Daverave Simplog 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog post. | |||||