Total
29867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2448 | 1 Ekg | 1 Ekg | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems. | |||||
| CVE-2004-0414 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2025-04-03 | 10.0 HIGH | N/A |
| CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | |||||
| CVE-2002-0877 | 1 Evolvable Corporation | 1 Shambala Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands. | |||||
| CVE-2004-2259 | 1 Beasts | 1 Vsftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. | |||||
| CVE-2002-0953 | 1 Php Address | 1 Php Address | 2025-04-03 | 7.5 HIGH | N/A |
| globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter. | |||||
| CVE-2005-1045 | 1 Centrinity | 1 Centrinity Firstclass Desktop Client | 2025-04-03 | 7.5 HIGH | N/A |
| OpenText FirstClass 8.0 client does not properly sanitize strings before passing them to the Windows ShellExecute API, which allows remote attackers to execute arbitrary commands via a UNC path in a bookmark. | |||||
| CVE-2001-0715 | 1 Sendmail | 1 Sendmail | 2025-04-03 | 2.1 LOW | N/A |
| Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode. | |||||
| CVE-2006-4060 | 1 Web-scripts | 1 Visual Events Calendar | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in calendar.php in Visual Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_dir parameter. | |||||
| CVE-2005-2537 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via a direct request to structure.php. | |||||
| CVE-2000-0180 | 1 Generation Terrorists Designs And Concepts | 1 Sojourn | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sojourn search engine allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2004-2034 | 1 Wildtangent | 1 Webdriver | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildTangent Web Driver 4.0 allows remote attackers to execute arbitrary code via a long filename. | |||||
| CVE-2006-4437 | 1 Venture Nine | 1 Tagger Le | 2025-04-03 | 7.5 HIGH | N/A |
| Eval injection vulnerability in Tagger LE allows remote attackers to execute arbitrary PHP code via the query string in (1) tags.php, (2) sign.php, and (3) admin/index.php. | |||||
| CVE-2000-0733 | 1 Sgi | 1 Irix | 2025-04-03 | 10.0 HIGH | N/A |
| Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. | |||||
| CVE-2005-3904 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors. | |||||
| CVE-2006-1951 | 1 Solarwinds | 1 Tftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering. | |||||
| CVE-2003-0062 | 1 Eset Software | 1 Nod32 Antivirus | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. | |||||
| CVE-2004-2663 | 1 Ibm | 1 Egatherer | 2025-04-03 | 7.5 HIGH | N/A |
| The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder. | |||||
| CVE-2001-1553 | 1 University Of California | 1 Seti At Home | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_passwd. NOTE: since the default configuration of setiathome is not setuid, perhaps this issue should not be included in CVE. | |||||
| CVE-2004-2281 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. | |||||
| CVE-2005-4375 | 1 Box Uk | 1 Amaxus | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376. | |||||