Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3356 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 2.6 LOW | N/A |
| The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469. | |||||
| CVE-2006-0177 | 1 Cray | 1 Unicos | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by (1) invoking /usr/bin/script with a long command line argument or (2) setting the -c option of /etc/nu to the name of a file containing a long line. | |||||
| CVE-2006-3394 | 1 Bxcp | 1 Bxcp | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the files mod in index.php in BXCP 0.3.0.4 allows remote attackers to execute arbitrary SQL commands via the where parameter in a view action. | |||||
| CVE-2006-4065 | 1 Dmitry Sheiko | 1 Sapid Gallery | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko SAPID Gallery 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_calendar.inc.php or the (2) GLOBALS[root_path] parameter to (b) usr/extensions/get_tree.inc.php. | |||||
| CVE-2000-1036 | 1 Extent Technologies | 1 Rbs Isp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. (dot dot) attack on the Image parameter. | |||||
| CVE-2006-3800 | 1 Amazing Flash Commerce | 1 Afcommerce Shopping Cart | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the "new review" text box. | |||||
| CVE-2005-4139 | 1 Thwboard | 1 Thwboard Beta | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) year parameter in calendar.php, (2) user parameter array in v_profile.php, and (3) the userid parameter in misc.php. | |||||
| CVE-2006-2226 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows remote authenticated users to cause a denial of service via a long argument to the PORT command. | |||||
| CVE-1999-1563 | 1 Nachuatec | 2 D435, D445 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm. | |||||
| CVE-2006-3036 | 1 Andy Mack | 1 35mmslidegallery | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in 35mmslidegallery 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) imgdir parameter in (a) index.php, and the (2) w, (3) h, and (4) t parameters in (b) popup.php. | |||||
| CVE-2004-2435 | 1 Peoplesoft | 1 Hrms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources Management System (HRMS) 7.0, when "web enabled" using HTML Access, allows remote attackers to inject arbitrary web script or HTML via unspecified (1) debugging or (2) utility scripts. | |||||
| CVE-2006-2300 | 1 Keyvan1 | 1 Eimagepro | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in EImagePro allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to subList.asp, (2) SubjectID parameter to imageList.asp, or (3) Pic parameter to view.asp. | |||||
| CVE-2005-1796 | 2 Debian, Ettercap | 2 Debian Linux, Ettercap | 2025-04-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-3837 | 1 Scssboard | 1 Scssboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the search module in sCssBoard 1.2 and 1.12, and earlier versions, allows remote attackers to inject arbitrary web script or HTML via the search_term parameter. | |||||
| CVE-2002-1382 | 1 Macromedia | 1 Flash Player | 2025-04-03 | 7.5 HIGH | N/A |
| Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846. | |||||
| CVE-1999-0492 | 2025-04-03 | 10.0 HIGH | N/A | ||
| The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. | |||||
| CVE-2004-0545 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-1999-1112 | 1 Irfanview | 1 Irfanview | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header. | |||||
| CVE-2004-2542 | 1 Dynix | 1 Webpac | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases. | |||||
| CVE-2006-0872 | 1 Coppermine | 1 Coppermine Photo Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in init.inc.php in Coppermine Photo Gallery 1.4.3 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the lang parameter. | |||||