Total
29866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0336 | 1 Qualcomm | 1 Eudora | 2025-04-03 | 5.0 MEDIUM | N/A |
| Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora. | |||||
| CVE-2005-4289 | 1 Edatcat | 1 Edatcat Shopping Cart System | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EDCstore.pl in eDatCat 0.3 allows remote attackers to inject arbitrary web script or HTML via the user_action parameter. | |||||
| CVE-2002-0968 | 1 Analogx | 1 Simpleserver Www | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name. | |||||
| CVE-2002-1941 | 1 Radiobird Software | 1 Web Server 4 Everyone | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request with the Host header set. | |||||
| CVE-2006-2044 | 1 Ip3 Networks | 1 Ip3 Netaccess 75 | 2025-04-03 | 7.5 HIGH | N/A |
| na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default username of admin and a default password of admin. | |||||
| CVE-2006-0088 | 1 Intouch | 1 Intouch | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in intouch.lib.php in inTouch 0.5.1 Alpha allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2006-3996 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) desc or (2) asc parameters. | |||||
| CVE-2005-1449 | 1 S9y | 1 Serendipity | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact. | |||||
| CVE-2006-4720 | 1 Mcgallery | 1 Mcgallery Pro | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO 2006 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. | |||||
| CVE-2002-1888 | 1 Commonname | 1 Commonname Toolbar | 2025-04-03 | 2.1 LOW | N/A |
| CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names. | |||||
| CVE-2001-0185 | 1 Netopia | 1 R9100 Router | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a crash. | |||||
| CVE-2006-3076 | 1 Phpbluedragon | 1 Phpbluedragon Cms | 2025-04-03 | 6.4 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in software_upload/public_includes/pub_templates/vphptree/template.php in PhpBlueDragon CMS 2.9.1 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter. | |||||
| CVE-2004-1998 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message. | |||||
| CVE-2002-0185 | 1 Apache | 1 Mod Python | 2025-04-03 | 7.5 HIGH | N/A |
| mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | |||||
| CVE-2005-2278 | 1 Mailenable | 1 Mailenable Professional | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name. | |||||
| CVE-2004-1469 | 1 Peter D. Gray | 1 Sus | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog. | |||||
| CVE-2005-0610 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. | |||||
| CVE-2004-0701 | 1 Sun | 1 Ray Server Software | 2025-04-03 | 4.6 MEDIUM | N/A |
| Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which could cause a user session to stay logged in and allow local users to gain unauthorized access. | |||||
| CVE-2005-0280 | 1 Jowood Productions | 1 Soldner Secret Wars | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in a message. | |||||
| CVE-1999-0479 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. | |||||