Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0873 | 1 Ibm | 1 Aix | 2025-04-03 | 2.1 LOW | N/A |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | |||||
| CVE-2005-0472 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | |||||
| CVE-2002-0580 | 1 Workforceroi | 1 Xpede | 2025-04-03 | 7.5 HIGH | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks. | |||||
| CVE-2002-0179 | 1 Xpilot | 1 Xpilot | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2000-0639 | 1 Sean Macguire | 1 Big Brother | 2025-04-03 | 7.5 HIGH | N/A |
| The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server. | |||||
| CVE-2003-1272 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter. | |||||
| CVE-2003-0934 | 1 Symbol Technologies | 1 Pdt | 2025-04-03 | 4.6 MEDIUM | N/A |
| Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network. | |||||
| CVE-2005-4318 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and earlier, with register_globals off, allows remote attackers to execute arbitrary SQL commands via the _SERVER[REMOTE_ADDR] parameter, which modifies the underlying $_SERVER variable. | |||||
| CVE-2005-0108 | 1 Apache | 1 Mod Auth Radius | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument. | |||||
| CVE-2002-0263 | 1 Ezne.net | 1 Ezboard 2000 | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. | |||||
| CVE-2006-3621 | 1 Dream4 | 1 Koobi Pro | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to execute arbitrary SQL commands via the toid parameter. | |||||
| CVE-2006-0043 | 1 Suse | 1 Suse Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks. | |||||
| CVE-2004-0980 | 3 Angus Mackay, Debian, Gentoo | 3 Ez-ipupdate, Debian Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. | |||||
| CVE-2005-2782 | 1 Autolinks | 1 Autolinks | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in al_initialize.php for AutoLinks Pro 2.1 allows remote attackers to execute arbitrary PHP code via an "ftp://" URL in the alpath parameter, which bypasses the incomplete blacklist that only checks for "http" and "https" URLs. | |||||
| CVE-2004-1582 | 1 Blackboard Internet Newsboard System | 1 Blackboard Internet Newsboard System | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows remote attackers to execute arbitrary PHP code by modifying the libpath parameter (incorrectly called "libpach") to reference a URL on a remote web server that contains _more.php, as demonstrated using checkdb.inc.php. | |||||
| CVE-2003-0736 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the PAGE_id parameter in the pagemaster module, (4) the PDA_limit parameter in the search, and (5) possibly other parameters in the calendar, fatcat, and pagemaster modules. | |||||
| CVE-2000-1017 | 1 Webteacher | 1 Webdata | 2025-04-03 | 5.0 MEDIUM | N/A |
| Webteachers Webdata allows remote attackers with valid Webdata accounts to read arbitrary files by posting a request to import the file into the WebData database. | |||||
| CVE-2001-0019 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2025-04-03 | 2.1 LOW | N/A |
| Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. | |||||
| CVE-2000-0699 | 1 Hp | 1 Hp-ux | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command. | |||||
| CVE-2004-2583 | 1 Smartertools | 1 Smartermail | 2025-04-03 | 7.8 HIGH | N/A |
| SMTP service in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous open connections to TCP port 25. | |||||