Total
29866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4295 | 1 Xigla | 1 Absolute Image Gallery Xe | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.x allows remote attackers to inject arbitrary web script or HTML via the text parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2001-0797 | 5 Hp, Ibm, Sco and 2 more | 6 Hp-ux, Aix, Openserver and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. | |||||
| CVE-2004-0530 | 1 Slackware | 1 Slackware Linux | 2025-04-03 | 7.2 HIGH | N/A |
| The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path. | |||||
| CVE-1999-1307 | 1 Novell | 1 Unixware | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges. | |||||
| CVE-2004-1508 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | 7.5 HIGH | N/A |
| init.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_inc parameter. | |||||
| CVE-2002-0154 | 1 Microsoft | 1 Sql Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments. | |||||
| CVE-2006-2863 | 1 Cs-cart | 1 Cs-cart | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in class.cs_phpmailer.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the classes_dir parameter. | |||||
| CVE-2006-4134 | 1 Sap | 1 Internet Graphics Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service (IGS) 6.40 and earlier and 7.00 and earlier allows remote attackers to cause a denial of service (service shutdown) via certain HTTP requests. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | |||||
| CVE-2000-0227 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of sockets. | |||||
| CVE-2004-1871 | 1 Photopost | 1 Photopost Php Pro | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ppuser, (2) password, (3) stype, (4) perpage, (5) sort, (6) page, (7) si, or (8) cat parameters to showmembers.php, or the (9) photo name, (10) photo description, (11) album name, or (12) album description fields. | |||||
| CVE-1999-1262 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.1 MEDIUM | N/A |
| Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. | |||||
| CVE-2002-0942 | 1 Lumigent | 1 Log Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach. | |||||
| CVE-2005-4164 | 1 Widgetmonkey | 1 Php-addressbook | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view.php in PHP-addressbook 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2003-1300 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | |||||
| CVE-2000-0333 | 2 Ethereal Group, Lbl | 2 Ethereal, Tcpdump | 2025-04-03 | 5.0 MEDIUM | N/A |
| tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet. | |||||
| CVE-2006-0852 | 1 Devscripts | 1 Admbook | 2025-04-03 | 7.5 HIGH | N/A |
| Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php. | |||||
| CVE-2002-0978 | 1 Microsoft | 1 File Transfer Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function. | |||||
| CVE-2004-0069 | 1 Hd Soft | 1 Windows Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function. | |||||
| CVE-2001-0483 | 1 Symantec | 1 Raptor Firewall | 2025-04-03 | 7.5 HIGH | N/A |
| Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set. | |||||
| CVE-2006-3363 | 1 Xoops | 1 Xoops Glossaire Module | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in the Glossaire module 1.7 for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the pa parameter. | |||||