Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1971 | 1 Oscar Fafian | 1 Video Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the full path in an error message. | |||||
| CVE-2006-1404 | 1 Industrial Imagination | 1 Blankol | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in BlankOL 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) file or (2) function parameter. | |||||
| CVE-2006-0058 | 1 Sendmail | 1 Sendmail | 2025-04-03 | 7.6 HIGH | N/A |
| Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations. | |||||
| CVE-1999-0200 | 2025-04-03 | 10.0 HIGH | N/A | ||
| Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. | |||||
| CVE-2006-0122 | 1 Aquifer Cms | 1 Aquifer Cms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Public/Index.asp in Aquifer CMS allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter. | |||||
| CVE-2005-4403 | 1 Qcm | 1 Marwel | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Marwel 2.7 and earlier allows remote attackers to execute arbitrary SQL commands via the show parameter. | |||||
| CVE-1999-1425 | 1 Sun | 1 Solstice Adminsuite | 2025-04-03 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd. | |||||
| CVE-1999-1491 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
| abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program. | |||||
| CVE-2005-1084 | 1 Aewebworks | 1 Aedating | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter. | |||||
| CVE-2006-1825 | 1 Phplinks | 1 Phplinks | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpLinks 2.1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the term parameter. | |||||
| CVE-2006-3675 | 1 Counterpane | 1 Passwordsafe | 2025-04-03 | 2.1 LOW | N/A |
| Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents. | |||||
| CVE-2006-3654 | 1 Microsoft | 1 Works | 2025-04-03 | 2.6 LOW | N/A |
| Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files. | |||||
| CVE-2006-3184 | 1 Asp Stats Generator | 1 Asp Stats Generator | 2025-04-03 | 4.0 MEDIUM | N/A |
| Direct static code injection vulnerability in ASP Stats Generator before 2.1.2 allows remote authenticated attackers to execute arbitrary ASP code via the strAsgSknPageBgColour parameter to settings_skin.asp, which is stored in inc_skin_file.asp. | |||||
| CVE-2005-2002 | 1 Mambo | 1 Mambo | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_rating parameter. | |||||
| CVE-2005-4150 | 1 Broadcom | 1 Cleverpath Portal | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the portal login page in Computer Associates CleverPath 4.7 allows remote attackers to execute Javascript via unknown vectors. | |||||
| CVE-1999-0235 | 1 Ncsa | 1 Ncsa Web Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access. | |||||
| CVE-2003-1086 | 1 Pmachine | 2 Pmachine Free, Pmachine Pro | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine Free and pMachine Pro 2.2 and 2.2.1 allows remote attackers to execute arbitrary PHP code by modifying the pm_path parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2003-1088 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter. | |||||
| CVE-2006-2024 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 4.0 MEDIUM | N/A |
| Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c. | |||||
| CVE-2002-0158 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument. | |||||