Total
29867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0175 | 1 Sgi | 1 Irix | 2025-04-03 | 2.1 LOW | N/A |
| SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. | |||||
| CVE-2002-1019 | 1 Adobe | 1 Adobe Content Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp. | |||||
| CVE-2003-0959 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before 2.4.21 allows attackers to cause a denial of service or gain root privileges via unspecified vectors that trigger copy_from_user function calls with improper length arguments. | |||||
| CVE-2001-1365 | 1 Osi Codes Inc. | 1 Intragnat | 2025-04-03 | 7.5 HIGH | N/A |
| Vulnerability in IntraGnat before 1.4. | |||||
| CVE-2005-4717 | 1 Microsoft | 6 Ie, Internet Explorer, Windows 2000 and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar. | |||||
| CVE-2005-3566 | 1 Symantec Veritas | 4 Cluster Server, Sanpoint Control Quickstart, Storage Foundation and 1 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew. | |||||
| CVE-2000-0635 | 1 Akopia | 1 Minivend | 2025-04-03 | 7.5 HIGH | N/A |
| The view_page.html sample page in the MiniVend shopping cart program allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2004-2550 | 1 Xperience | 1 Sandsurfer | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data. | |||||
| CVE-2006-3624 | 1 Flv | 1 Flv Player | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 allow remote attackers to inject arbitrary web script or HTML via the url parameter to (1) player.php or (2) popup.php. | |||||
| CVE-2004-2577 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 5.0 MEDIUM | N/A |
| The acl_check function in phpGroupWare 0.9.16RC2 always returns True, even when mkdir does not behave as expected, which could allow remote attackers to obtain sensitive information via WebDAV from users' home directories that lack .htaccess files, and possibly has other unknown impacts. | |||||
| CVE-2006-0992 | 1 Novell | 1 Groupwise Messenger | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier. | |||||
| CVE-2006-1998 | 1 Openttd | 1 Openttd | 2025-04-03 | 2.1 LOW | N/A |
| OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error. | |||||
| CVE-2004-2353 | 1 Incogen | 1 Bugport | 2025-04-03 | 5.0 MEDIUM | N/A |
| BugPort before 1.099 stores its configuration file (conf/config.conf) under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2003-0954 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. | |||||
| CVE-2006-3202 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 4.9 MEDIUM | N/A |
| The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket. | |||||
| CVE-2006-0838 | 1 Micromuse | 1 Netcool Neusecure | 2025-04-03 | 2.1 LOW | N/A |
| IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the (1) CMS_DBPASS, (2) CMSM_DBPASS, and (3) RPT_DBPASS fields in /etc/neusecure.conf, and in (4) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to gain privileges. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues. | |||||
| CVE-2004-1110 | 2 Gentoo, Jean-jacques Sarton | 2 Linux, Mtink | 2025-04-03 | 2.1 LOW | N/A |
| The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file. | |||||
| CVE-2005-1463 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code. | |||||
| CVE-2005-1145 | 1 Calendarscript | 1 Calendarscript | 2025-04-03 | 4.3 MEDIUM | N/A |
| NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in calendar.pl in CalendarScript 3.20 allows remote attackers to inject arbitrary web script or HTML via the template parameter, a different vulnerability than CVE-2005-1146 | |||||
| CVE-2005-2868 | 1 Ziptorrent | 1 Ziptorrent | 2025-04-03 | 2.1 LOW | N/A |
| ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the pref.txt file, which allows local users to obtain sensitive information such as proxy server information and passwords. | |||||