Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3964 | 1 Integrated Computer Solutions | 1 Openmotif | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c. | |||||
| CVE-2003-0348 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | 6.4 MEDIUM | N/A |
| A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. | |||||
| CVE-2005-0144 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 2.6 LOW | N/A |
| Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks. | |||||
| CVE-2005-4316 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.8 HIGH | N/A |
| HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | |||||
| CVE-2002-1078 | 1 Aprelium Technologies | 1 Abyss Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters. | |||||
| CVE-2004-2065 | 1 Daniel Barron | 1 Dansguardian | 2025-04-03 | 7.5 HIGH | N/A |
| DansGuardian 2.8 and earlier allows remote attackers to bypass the extension filtering rule via a hex encoded extension or . in the filename. | |||||
| CVE-2005-3816 | 1 Zoneo-soft | 1 Freeforum | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in forum.php in freeForum 1.1 and earlier and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter or (2) thread parameter in thread mode. | |||||
| CVE-2004-1526 | 1 New Media Generation | 1 Hired Team Trial | 2025-04-03 | 7.5 HIGH | N/A |
| Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game players can kick other players off the server, including the administrator. | |||||
| CVE-2006-2697 | 1 Easy-content Forums | 1 Easy-content Forums | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp. | |||||
| CVE-2003-0386 | 1 Openbsd | 1 Openssh | 2025-04-03 | 7.5 HIGH | N/A |
| OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. | |||||
| CVE-1999-0887 | 1 Floosietek | 1 Ftgate | 2025-04-03 | 5.0 MEDIUM | N/A |
| FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack. | |||||
| CVE-2005-3447 | 1 Oracle | 2 Application Server, Database Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Application Server 9.0.2.3 up to 9.0.4.2 has unknown impact and attack vectors, aka Oracle Vuln# DB33 and AS08. | |||||
| CVE-2004-0093 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | 7.5 HIGH | N/A |
| XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI). | |||||
| CVE-2006-2283 | 1 Spiffyjr | 1 Phpraid | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) auth.php and (2) auth_phpbb when the phpBB portal is enabled, and via a URL in the smf_root_path parameter in (3) auth.php and (4) auth_SMF when the SMF portal is enabled. | |||||
| CVE-2000-0481 | 1 Kde | 1 K-mail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name. | |||||
| CVE-2001-0171 | 1 Whitsoft | 1 Slimserve | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request. | |||||
| CVE-2005-1233 | 1 Php Labs | 1 Profile | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters. | |||||
| CVE-2001-1112 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters. | |||||
| CVE-2003-1194 | 1 Booby | 1 Booby | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject arbitrary web script or HTML via the error message. | |||||
| CVE-2001-0844 | 1 Seth Leonard | 2 Book Of Guests, Post It | 2025-04-03 | 7.5 HIGH | N/A |
| Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter. | |||||