Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0765 | 1 Mirabilis | 2 Icq, Icq Lite | 2025-04-03 | 5.1 MEDIUM | N/A |
| GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a specific length, which truncates the malicious extension from the display and could trick a user into executing arbitrary programs. | |||||
| CVE-2006-0422 | 1 Bea | 1 Weblogic Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allow remote attackers to access MBean attributes or cause an unspecified denial of service via unknown attack vectors. | |||||
| CVE-2005-0933 | 1 Coinsoft Technologies | 1 Phpcoin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter. | |||||
| CVE-2004-2266 | 1 Ansel | 1 Ansel | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter. | |||||
| CVE-2006-1644 | 1 Interact | 1 Interact | 2025-04-03 | 5.0 MEDIUM | N/A |
| login.php in Interact 2.1.1 generates different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2002-1104 | 1 Cisco | 1 Vpn Client | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS). | |||||
| CVE-2005-1391 | 1 Apsis | 1 Pound | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header. | |||||
| CVE-2006-3478 | 1 Myphp Cms | 1 Myphp Cms | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the domain parameter. | |||||
| CVE-2005-1383 | 1 Oracle | 1 Application Server | 2025-04-03 | 7.5 HIGH | N/A |
| The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778. | |||||
| CVE-2004-1644 | 1 Jerod Moemeka | 1 Xedus | 2025-04-03 | 5.0 MEDIUM | N/A |
| Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address. | |||||
| CVE-2001-1554 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A |
| IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. | |||||
| CVE-2002-1759 | 1 Phprojekt | 1 Phprojekt | 2025-04-03 | 5.0 MEDIUM | N/A |
| The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files. | |||||
| CVE-2006-0125 | 1 Appserv Open Project | 1 Appserv | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in appserv/main.php in AppServ 2.4.5 allows remote attackers to include arbitrary files via the appserv_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. There is not enough detail from these third party sources to know whether this is directory traversal, remote file include, or another issue. | |||||
| CVE-2005-3947 | 1 Sergey Korostel | 1 Php Upload Center | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PHP Upload Center allows remote attackers to read arbitrary files via "../" sequences in the filename parameter. | |||||
| CVE-2005-1882 | 1 Yapig | 1 Yapig | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIG_PATH parameter. | |||||
| CVE-2001-0525 | 1 Suse | 1 Suse Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument. | |||||
| CVE-2004-2308 | 1 Cpanel | 1 Cpanel | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html. | |||||
| CVE-2005-2556 | 1 Mantis | 1 Mantis | 2025-04-03 | 7.5 HIGH | N/A |
| core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remote attackers to connect to internal databases by modifying the g_db_type variable and monitoring the speed of responses, as identified by bug#0005956. | |||||
| CVE-2002-1411 | 1 Duma | 1 Photo Gallery System | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter. | |||||
| CVE-2005-2522 | 1 Apple | 2 Mac Os X, Safari | 2025-04-03 | 5.1 MEDIUM | N/A |
| Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file. | |||||