Total
11775 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2923 | 1 Ipswitch | 2 Imail Server, Ipswitch Collaboration Suite | 2025-04-03 | 4.0 MEDIUM | N/A |
| The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory. | |||||
| CVE-2006-1192 | 2 Canon, Microsoft | 3 Network Camera Server Vb101, Ie, Internet Explorer | 2025-04-03 | 2.6 LOW | N/A |
| Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. | |||||
| CVE-2003-1444 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2025-04-03 | 4.4 MEDIUM | N/A |
| Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname. | |||||
| CVE-2002-2420 | 1 Independent Solution | 2 Simple Site Searcher, Super Site Searcher | 2025-04-03 | 7.5 HIGH | N/A |
| site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | |||||
| CVE-2005-3591 | 1 Macromedia | 1 Flash Player | 2025-04-03 | 7.5 HIGH | N/A |
| Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction ActionScript call in a SWF file, which causes an improper memory access condition, a different vulnerability than CVE-2005-2628. | |||||
| CVE-2002-2325 | 1 University Of Washington | 1 Pine | 2025-04-03 | 7.8 HIGH | N/A |
| The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. | |||||
| CVE-2005-0116 | 1 Awstats | 1 Awstats | 2025-04-03 | 7.5 HIGH | N/A |
| AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl. | |||||
| CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2025-04-03 | 7.8 HIGH | N/A |
| Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | |||||
| CVE-2006-0047 | 1 Freeciv | 1 Freeciv | 2025-04-03 | 5.0 MEDIUM | N/A |
| packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values. | |||||
| CVE-2006-4301 | 1 Microsoft | 1 Ie | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from (a) dxtmsft.dll and (b) dxtmsft3.dll, including (1) DXImageTransform.Microsoft.MaskFilter.1, (2) DXImageTransform.Microsoft.Chroma.1, and (3) DX3DTransform.Microsoft.Shapes.1. | |||||
| CVE-2002-2423 | 1 Sendmail | 1 Sendmail | 2025-04-03 | 6.4 MEDIUM | N/A |
| Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response. | |||||
| CVE-2006-0914 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 5.5 MEDIUM | N/A |
| Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the mostfreqthreshold parameter in duplicates.cgi, which allows remote attackers to trigger a SQL error. | |||||
| CVE-1999-0999 | 1 Microsoft | 1 Sql Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet. | |||||
| CVE-2006-4935 | 1 Moodle | 1 Moodle | 2025-04-03 | 10.0 HIGH | N/A |
| The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspecified impact and remote attack vectors. | |||||
| CVE-1999-0918 | 1 Microsoft | 4 Windows 2000, Windows 95, Windows 98 and 1 more | 2025-04-03 | 7.8 HIGH | N/A |
| Denial of service in various Windows systems via malformed, fragmented IGMP packets. | |||||
| CVE-2003-1403 | 1 Dotbr | 1 Botbr | 2025-04-03 | 7.5 HIGH | N/A |
| foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. | |||||
| CVE-2005-0492 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | 2.6 LOW | N/A |
| Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node. | |||||
| CVE-2001-0566 | 1 Cisco | 1 Catalyst 2900 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. | |||||
| CVE-2006-4227 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 6.5 MEDIUM | N/A |
| MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE. | |||||
| CVE-2004-1386 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
| TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. | |||||