Total
29866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3052 | 1 Jportal | 1 Jportal Web Portal | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the search field to download.php. | |||||
| CVE-2005-0308 | 1 Ursoftware | 1 W32dasm | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name. | |||||
| CVE-2001-1170 | 1 Amtote International | 1 Homebet | 2025-04-03 | 5.0 MEDIUM | N/A |
| AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, which allows remote attackers to steal account and PIN numbers. | |||||
| CVE-2002-0970 | 1 Kde | 2 Kde, Konqueror | 2025-04-03 | 7.5 HIGH | N/A |
| The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack. | |||||
| CVE-2004-1067 | 3 Carnegie Mellon University, Redhat, Ubuntu | 3 Cyrus Imap Server, Fedora Core, Ubuntu Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. | |||||
| CVE-2006-0922 | 1 Devellion | 1 Cubecart | 2025-04-03 | 5.0 MEDIUM | N/A |
| CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php (aka upload.php) that allows remote attackers to upload arbitrary files via a modified CurrentFolder parameter in a direct request to admin/filemanager/upload.php. | |||||
| CVE-2005-1176 | 1 Ibm | 1 Aix | 2025-04-03 | 1.2 LOW | N/A |
| Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information. | |||||
| CVE-2005-0158 | 1 Bidwatcher | 1 Bidwatcher | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses. | |||||
| CVE-2005-4475 | 1 Alkacon | 1 Opencms | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | |||||
| CVE-2000-0507 | 1 Concatus | 1 Imate Webmail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command. | |||||
| CVE-2005-3270 | 1 Symantec | 1 Norton Antivirus | 2025-04-03 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in DiskMountNotify for Symantec Norton AntiVirus 9.0.3 allows local users to gain privileges by modifying the PATH to reference a malicious (1) ps or (2) grep file. | |||||
| CVE-2001-0229 | 1 Sun | 1 Chilisoft | 2025-04-03 | 7.2 HIGH | N/A |
| Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts. | |||||
| CVE-2006-4664 | 1 Premod Shadow | 1 Premod Shadow | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/functions_portal.php in Premod Shadow 2.7.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-2542 | 1 Ti Kan | 1 Xmcd | 2025-04-03 | 2.1 LOW | N/A |
| xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service (disk consumption). | |||||
| CVE-2005-1284 | 1 Argosoft | 1 Argosoft Mail Server | 2025-04-03 | 7.5 HIGH | N/A |
| The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request. | |||||
| CVE-2005-4611 | 1 Phpfreebies.com | 1 Free Clickbank | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter. | |||||
| CVE-2006-0327 | 1 Typo3 | 1 Typo3 | 2025-04-03 | 5.0 MEDIUM | N/A |
| TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails. | |||||
| CVE-2004-1093 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." | |||||
| CVE-2002-1389 | 1 Typespeed | 1 Typespeed | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in typespeed 0.4.2 and earlier allows local users to gain privileges via long input. | |||||
| CVE-2005-1718 | 1 Ls Games | 1 War Times | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in LS Games War Times 1.03 and earlier allows remote attackers to cause a denial of service (server crash) via a long nickname. | |||||