Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1176 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file. | |||||
| CVE-2006-2171 | 1 Jgaa | 1 Warftpd | 2025-04-03 | 6.4 MEDIUM | N/A |
| Buffer overflow in WDM.exe in WarFTPD allows remote attackers to execute arbitrary code via unspecified arguments, as demonstrated by the Infigo FTPStress Fuzzer. | |||||
| CVE-2005-0180 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 3.6 LOW | N/A |
| Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions. | |||||
| CVE-2006-0658 | 1 Fckeditor | 1 Fckeditor | 2025-04-03 | 5.0 MEDIUM | N/A |
| Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the Config[DeniedExtensions][File], such as .php.txt. | |||||
| CVE-2001-1127 | 1 Progress | 1 Progress | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump. | |||||
| CVE-2005-3252 | 1 Sourcefire | 1 Snort | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet. | |||||
| CVE-2002-2075 | 1 Mirabilis | 1 Icq | 2025-04-03 | 5.0 MEDIUM | N/A |
| ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. | |||||
| CVE-2006-3023 | 1 Uapplication | 1 Uphotogallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) block parameters. | |||||
| CVE-2004-0219 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
| CVE-2006-1533 | 1 Sourceworkshop | 1 Newsletter | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in newsletter.php in Sourceworkshop newsletter 1.0 allows remote attackers to execute arbitrary SQL commands via the newsletteremail parameter. | |||||
| CVE-2005-2365 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors. | |||||
| CVE-2005-2668 | 2 Broadcom, Ca | 28 Advantage Data Transport, Adviseit, Brightstor Portal and 25 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-2297 | 1 Sybase | 1 Easerver | 2025-04-03 | 4.6 MEDIUM | N/A |
| Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter. | |||||
| CVE-2006-3786 | 1 Symantec | 1 Pcanywhere | 2025-04-03 | 3.6 LOW | N/A |
| Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag. | |||||
| CVE-2005-1372 | 1 Bakbone | 1 Netvault | 2025-04-03 | 4.6 MEDIUM | N/A |
| nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu. | |||||
| CVE-2005-3419 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized. | |||||
| CVE-2005-0903 | 1 Apple | 1 Quicktime Pictureviewer | 2025-04-03 | 2.6 LOW | N/A |
| Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data. | |||||
| CVE-2002-1614 | 1 Hp | 2 Hp-ux, Tru64 | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at. | |||||
| CVE-2006-1042 | 1 Gregarius | 1 Gregarius | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php. | |||||
| CVE-2005-3101 | 1 Six Apart | 1 Movable Type | 2025-04-03 | 5.0 MEDIUM | N/A |
| The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames. | |||||