Total
29863 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0415 | 3 Linux, Redhat, Trustix | 3 Linux Kernel, Fedora Core, Secure Linux | 2025-04-03 | 2.1 LOW | N/A |
| Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. | |||||
| CVE-2001-1058 | 1 Wolfram Research | 1 Mathematica | 2025-04-03 | 7.5 HIGH | N/A |
| The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license. | |||||
| CVE-2004-2579 | 1 Novell | 1 Ichain | 2025-04-03 | 7.5 HIGH | N/A |
| ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding." | |||||
| CVE-2005-0229 | 1 Citrusdb | 1 Citrusdb Customer Database | 2025-04-03 | 5.0 MEDIUM | N/A |
| CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allows remote attackers to steal credit card information via a direct request to newfile.txt. | |||||
| CVE-2000-0337 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter. | |||||
| CVE-2005-1324 | 1 Matthieu Aubry | 1 Phpmyvisites | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters. | |||||
| CVE-2005-0414 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter. | |||||
| CVE-2004-2305 | 1 Broadcom | 1 Etrust Antivirus Ee | 2025-04-03 | 5.0 MEDIUM | N/A |
| Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote attackers to bypass virus scanning by including a password-protected file in a ZIP file, which causes eTrust to scan only the password protected file and skip the other files. | |||||
| CVE-2004-2316 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to cause a denial of service (crash) via a GET request containing an MS-DOS device name such as COM1. | |||||
| CVE-1999-0192 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. | |||||
| CVE-2001-0598 | 1 Symantec | 1 Norton Ghost | 2025-04-03 | 5.0 MEDIUM | N/A |
| Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled. | |||||
| CVE-2005-2396 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the page move template. | |||||
| CVE-2005-4221 | 1 Arab Portal | 1 Arab Portal | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in link.php in Arab Portal System 2 Beta 2 allows remote attackers to execute arbitrary SQL commands via the (1) PHPSESSID (session ID) or (2) REQUEST_URI (query string). | |||||
| CVE-2002-2043 | 1 Cyrus | 1 Sasl | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password. | |||||
| CVE-2004-2604 | 1 Phproxy | 1 Phproxy | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHProxy allows remote attackers to inject arbitrary web script or HTML via the error parameter. | |||||
| CVE-2004-2086 | 1 Sambar | 1 Sambar Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | |||||
| CVE-1999-1295 | 1 Transarc | 1 Dce Distributed File System | 2025-04-03 | 4.6 MEDIUM | N/A |
| Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS. | |||||
| CVE-2005-2429 | 1 Mozilla | 1 Firefox | 2025-04-03 | 5.0 MEDIUM | N/A |
| Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office. | |||||
| CVE-2000-0404 | 1 Microsoft | 5 Terminal Server, Windows 2000, Windows 95 and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | |||||
| CVE-2001-1342 | 1 Apache | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer. | |||||