Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29866 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-1703 1 Black Cactus 1 Warrior Kings Battles 2025-04-03 5.0 MEDIUM N/A
Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server crash) via a partial join packet that triggers a NULL pointer dereference.
CVE-2001-0200 1 Heat-on Software 1 Hsweb 2025-04-03 5.0 MEDIUM N/A
HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled.
CVE-2000-0893 1 Sgi 1 Irix 2025-04-03 5.0 MEDIUM N/A
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.
CVE-2004-0550 1 Realnetworks 1 Realplayer 2025-04-03 7.5 HIGH N/A
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters.
CVE-2002-1478 1 The Cacti Group 1 Cacti 2025-04-03 10.0 HIGH N/A
Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.
CVE-2004-2160 1 Xmlstarlet 1 Command Line Xml Toolkit 2025-04-03 6.4 MEDIUM N/A
Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2002-1692 1 Microsoft 1 Windows 95 2025-04-03 3.6 LOW N/A
Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up.
CVE-2005-2992 1 Arc 1 Arc 2025-04-03 2.1 LOW N/A
arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945.
CVE-2004-0408 1 Michael Bacarella 1 Ident2 2025-04-03 7.5 HIGH N/A
Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code.
CVE-2004-2471 1 Jamesoff 1 Quoteengine 2025-04-03 7.5 HIGH N/A
SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-1999-0164 1 Sun 1 Sunos 2025-04-03 6.2 MEDIUM N/A
A race condition in the Solaris ps command allows an attacker to overwrite critical files.
CVE-1999-0006 1 Qualcomm 1 Qpopper 2025-04-03 10.0 HIGH 9.8 CRITICAL
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
CVE-2003-0192 1 Apache 1 Http Server 2025-04-03 6.4 MEDIUM N/A
Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.
CVE-2004-1060 2 Icmp, Tcp 2 Icmp, Tcp 2025-04-03 5.0 MEDIUM N/A
Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
CVE-2005-1292 1 Elemental Software 1 Cartwiz 2025-04-03 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to (1) tellAFriend.asp or (2) addToWishlist.asp, redirect parameter to (3) access.asp or (4) login.asp, message parameter to (5) login.asp or (6) error.asp, or (7) sku or (8) name parameter to searchResults.asp.
CVE-2002-0139 1 Pi-soft 1 Spoonftp 2025-04-03 7.5 HIGH N/A
Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
CVE-2005-3264 1 Zeroblog 1 Zeroblog 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote attackers to inject arbitrary web script or HTML via the threadID parameter.
CVE-2005-2392 1 Cmsmadesimple 1 Cms Made Simple 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.
CVE-2004-1631 1 Openwfe 1 Work Flow Engine 2025-04-03 5.0 MEDIUM N/A
Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results.
CVE-2001-0769 1 Steve Poulsen 1 Guildftpd 2025-04-03 5.0 MEDIUM N/A
Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character.