Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1309 | 1 Eaden Mckee | 1 Bblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text. | |||||
| CVE-2004-0782 | 1 Gnome | 2 Gdkpixbuf, Gtk | 2025-04-03 | 7.5 HIGH | N/A |
| Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687). | |||||
| CVE-2006-4237 | 1 Invisionix Systems | 1 Invisionix Roaming System Remote | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in pageheaderdefault.inc.php in Invisionix Roaming System Remote (IRSR) 0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _sysSessionPath parameter. | |||||
| CVE-1999-1553 | 1 Xcmail | 1 Xcmail | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line. | |||||
| CVE-2005-1934 | 1 Rob Flynn | 1 Gaim | 2025-04-03 | 5.0 MEDIUM | N/A |
| Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error. | |||||
| CVE-1999-0316 | 1 Sam Lantinga | 1 Splitvt | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Linux splitvt command gives root access to local users. | |||||
| CVE-2002-2056 | 1 Teekai | 1 Teekai Forum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie. | |||||
| CVE-1999-0764 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 6.4 MEDIUM | N/A |
| NetBSD allows ARP packets to overwrite static ARP entries. | |||||
| CVE-2005-0190 | 1 Realnetworks | 2 Realone Player, Realplayer | 2025-04-03 | 2.6 LOW | N/A |
| Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. | |||||
| CVE-2001-0592 | 1 Watchguard | 1 Firebox Ii | 2025-04-03 | 5.0 MEDIUM | N/A |
| Watchguard Firebox II prior to 4.6 allows a remote attacker to create a denial of service in the kernel via a large stream (>10,000) of malformed ICMP or TCP packets. | |||||
| CVE-2003-0759 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument. | |||||
| CVE-2002-0893 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences. | |||||
| CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2025-04-03 | 5.0 MEDIUM | N/A |
| Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | |||||
| CVE-2000-0172 | 2 Matt Kimball And Roger Wolff, Turbolinux | 2 Mtr, Turbolinux | 2025-04-03 | 7.2 HIGH | N/A |
| The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges. | |||||
| CVE-2005-4762 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 7.2 HIGH | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier sometimes stores the boot password in the registry in cleartext, which might allow local users to gain administrative privileges. | |||||
| CVE-1999-1234 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. | |||||
| CVE-2005-4032 | 1 Hotcgiscripts | 1 Easy Search System | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in Easy Search System 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2006-1389 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.8 HIGH | N/A |
| Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2004-0095 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | 5.0 MEDIUM | N/A |
| McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow. | |||||
| CVE-2006-2325 | 1 Onlyscript.info | 1 Online Universal Payment System Script | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in OnlyScript.info Online Universal Payment System Script allows remote attackers to inject arbitrary web script or HTML via the read parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Also, this issue might be resultant from directory traversal. | |||||