Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1448 | 1 Jetbox | 1 Jetbox One Cms | 2025-04-03 | 4.6 MEDIUM | N/A |
| Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code. | |||||
| CVE-2003-0634 | 1 Oracle | 2 Oracle8i, Oracle9i | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name. | |||||
| CVE-2006-4264 | 1 Mambo | 1 Mtg Myhomepage Component | 2025-04-03 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) install.lmtg_homepage.php and (2) mtg_homepage.php. NOTE: this issue has been disputed by a third party, who states that the $mosConfig_absolute_path variable is only used within a function definition. CVE source code analysis on 20060824 is not conclusive but tends to concur with the dispute. In addition, it appears that the component name is actually "lmtg_myhomepage" | |||||
| CVE-2004-2619 | 1 Paul L Daniels | 1 Ripmime | 2025-04-03 | 7.5 HIGH | N/A |
| ripMIME 1.3.2.3 and earlier allows remote attackers to bypass e-mail protection via a base64 MIME encoded attachment containing invalid characters that are not properly extracted. | |||||
| CVE-2006-1869 | 1 Oracle | 1 Database Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln# DB04. | |||||
| CVE-1999-0413 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | N/A |
| A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. | |||||
| CVE-2001-1340 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Telnetd Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Beck GmbH IPC@Chip TelnetD service supports only one connection and does not disconnect a user who does not complete the login process, which allows remote attackers to lock out the administrator account by connecting to the service. | |||||
| CVE-2006-1539 | 1 Bsd-games | 1 Tetris-bsd | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another user launches tetris-bsd. | |||||
| CVE-2006-0182 | 1 Acal | 1 Calendar Project | 2025-04-03 | 7.5 HIGH | N/A |
| login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside". | |||||
| CVE-2002-0477 | 1 Macromedia | 1 Flash Player | 2025-04-03 | 7.5 HIGH | N/A |
| Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand. | |||||
| CVE-2000-0073 | 1 Microsoft | 3 Windows 2000, Windows 98, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word. | |||||
| CVE-2005-0333 | 1 Lanchat Pro Revival | 1 Lanchat Pro Revival | 2025-04-03 | 5.0 MEDIUM | N/A |
| LANChat Pro Revival 1.666c allows remote attackers to cause a denial of service (application crash) via a malformed UDP packet. | |||||
| CVE-2006-0371 | 1 Noah Medling | 1 Rcblog | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Noah Medling RCBlog 1.03 allows remote attackers to read arbitrary .txt files, possibly including one that stores the administrator's account name and password, via a .. (dot dot) in the post parameter. | |||||
| CVE-2006-0588 | 1 Jaia Interactive | 1 Mytopix | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in MyTopix 1.2.3 allows remote attackers to execute arbitrary SQL commands via the (1) mid and (2) keywords parameters. | |||||
| CVE-2002-0484 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system. | |||||
| CVE-2005-1035 | 1 Pavuk | 1 Pavuk | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact. | |||||
| CVE-2006-1887 | 1 Oracle | 1 Enterpriseone | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01. | |||||
| CVE-2005-4724 | 1 Phptagcool | 1 Phptagcool | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field in an HTTP header. | |||||
| CVE-1999-0223 | 1 Sun | 1 Sunos | 2025-04-03 | 2.1 LOW | N/A |
| Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. | |||||
| CVE-2005-0566 | 1 Kmint21 Software | 1 Golden Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command. | |||||