Total
29866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1703 | 1 Black Cactus | 1 Warrior Kings Battles | 2025-04-03 | 5.0 MEDIUM | N/A |
| Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server crash) via a partial join packet that triggers a NULL pointer dereference. | |||||
| CVE-2001-0200 | 1 Heat-on Software | 1 Hsweb | 2025-04-03 | 5.0 MEDIUM | N/A |
| HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled. | |||||
| CVE-2000-0893 | 1 Sgi | 1 Irix | 2025-04-03 | 5.0 MEDIUM | N/A |
| The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system. | |||||
| CVE-2004-0550 | 1 Realnetworks | 1 Realplayer | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. | |||||
| CVE-2002-1478 | 1 The Cacti Group | 1 Cacti | 2025-04-03 | 10.0 HIGH | N/A |
| Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode. | |||||
| CVE-2004-2160 | 1 Xmlstarlet | 1 Command Line Xml Toolkit | 2025-04-03 | 6.4 MEDIUM | N/A |
| Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2002-1692 | 1 Microsoft | 1 Windows 95 | 2025-04-03 | 3.6 LOW | N/A |
| Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up. | |||||
| CVE-2005-2992 | 1 Arc | 1 Arc | 2025-04-03 | 2.1 LOW | N/A |
| arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945. | |||||
| CVE-2004-0408 | 1 Michael Bacarella | 1 Ident2 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code. | |||||
| CVE-2004-2471 | 1 Jamesoff | 1 Quoteengine | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-1999-0164 | 1 Sun | 1 Sunos | 2025-04-03 | 6.2 MEDIUM | N/A |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. | |||||
| CVE-1999-0006 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command. | |||||
| CVE-2003-0192 | 1 Apache | 1 Http Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite. | |||||
| CVE-2004-1060 | 2 Icmp, Tcp | 2 Icmp, Tcp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. | |||||
| CVE-2005-1292 | 1 Elemental Software | 1 Cartwiz | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to (1) tellAFriend.asp or (2) addToWishlist.asp, redirect parameter to (3) access.asp or (4) login.asp, message parameter to (5) login.asp or (6) error.asp, or (7) sku or (8) name parameter to searchResults.asp. | |||||
| CVE-2002-0139 | 1 Pi-soft | 1 Spoonftp | 2025-04-03 | 7.5 HIGH | N/A |
| Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command. | |||||
| CVE-2005-3264 | 1 Zeroblog | 1 Zeroblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote attackers to inject arbitrary web script or HTML via the threadID parameter. | |||||
| CVE-2005-2392 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function. | |||||
| CVE-2004-1631 | 1 Openwfe | 1 Work Flow Engine | 2025-04-03 | 5.0 MEDIUM | N/A |
| Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results. | |||||
| CVE-2001-0769 | 1 Steve Poulsen | 1 Guildftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character. | |||||
