Total
29867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0951 | 1 Eset Software | 1 Nod32 Antivirus | 2025-04-03 | 7.2 HIGH | N/A |
| The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors. | |||||
| CVE-2006-0611 | 1 Atmail | 1 Atmail | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in compose.pl in @Mail 4.3 and earlier for Windows allows remote attackers to upload arbitrary files to arbitrary locations via a .. (dot dot) in the unique parameter. | |||||
| CVE-2004-2437 | 1 Php Fusion | 1 Php Fusion | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the rowstart parameter to (1) index.php or (2) members.php, or (3) the comment_id parameter to comments.php. | |||||
| CVE-2006-2078 | 1 Furukawa Electric | 2 Fitelnet, Mucho-ev Pk | 2025-04-03 | 7.8 HIGH | N/A |
| Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS messages that trigger errors in (1) ProxyDNS or (2) PKI-Resolver, as demonstrated by the OUSPG PROTOS DNS test suite. | |||||
| CVE-2005-2786 | 1 Cosmoshop | 1 Cosmoshop | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop 8.10.78 and earlier allows remote administrators to read arbitrary files via ".." sequences in the file parameter. | |||||
| CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 7.2 HIGH | N/A |
| DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | |||||
| CVE-2006-2665 | 1 V-webmail | 1 V-webmail | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. | |||||
| CVE-2005-3657 | 1 Mcafee | 2 Mcinsctl.dll, Virusscan Security Center | 2025-04-03 | 5.0 MEDIUM | N/A |
| The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object. | |||||
| CVE-1999-0424 | 1 Netscape | 1 Communicator | 2025-04-03 | 2.1 LOW | N/A |
| talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. | |||||
| CVE-2006-4768 | 1 Stefan Ernst | 1 Newsscript | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple direct static code injection vulnerabilities in add_go.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote attackers to execute arbitrary PHP code via the (1) description, (2) issue, (3) title, (4) var, (5) name, (6) keywords, and (7) note parameters, which are stored in an article file. NOTE: the original source of this vulnerability is unknown; the details are obtained from third party information and CVE post-disclosure analysis. | |||||
| CVE-2005-1497 | 1 Mywebland | 1 Mybloggie | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message. | |||||
| CVE-2003-1292 | 1 Ashwebstudio | 1 Ashnews | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files via a URL in the pathtoashnews parameter to (1) ashnews.php and (2) ashheadlines.php. | |||||
| CVE-1999-0297 | 5 Bsdi, Freebsd, Netbsd and 2 more | 5 Bsd Os, Freebsd, Netbsd and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. | |||||
| CVE-2006-2647 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. | |||||
| CVE-2000-0679 | 1 Cvs | 1 Cvs | 2025-04-03 | 2.1 LOW | N/A |
| The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files. | |||||
| CVE-2004-2726 | 1 Mailenable | 1 Mailenable | 2025-04-03 | 5.0 MEDIUM | N/A |
| HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348. | |||||
| CVE-2006-3810 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct. | |||||
| CVE-2005-4548 | 1 Rws | 1 Statistics Counter | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the "user area" in RWS Statistics Counter before 2.4.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-1999-0765 | 1 Sgi | 1 Irix | 2025-04-03 | 10.0 HIGH | N/A |
| SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. | |||||
| CVE-2001-1400 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock). | |||||