Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Teardrop IP denial of service. | |||||
| CVE-2003-1288 | 1 Vserver | 1 Linux-vserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service (kernel oops) via unknown attack vectors related to the (1) s_info and (2) ip_info data structures and the (a) forget_original_parent, (b) goodness, (c) schedule, (d) update_process_times, and (e) vc_new_s_context functions. | |||||
| CVE-2006-4364 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via long strings that contain '@' characters in the (1) USER and (2) APOP commands. | |||||
| CVE-2001-0112 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands. | |||||
| CVE-2005-2381 | 1 Php Surveyor | 1 Php Surveyor | 2025-04-03 | 5.0 MEDIUM | N/A |
| PHP Surveyor 0.98 allows remote attackers to obtain sensitive information via a direct request to (1) question.php, (2) survey.php, or (3) group.php in the root directory, a direct request to (4) database.php, (5) sessioncontrol.php, (6) html.php, (7) sessioncontrol.php, an invalid (8) qid parameter to dumpquestion.php, or an invalid lid parameter to (9) labels.php or (10) dumplabel.php, which reveal the path in an error message. | |||||
| CVE-2001-1383 | 1 Redhat | 1 Linux | 2025-04-03 | 6.2 MEDIUM | N/A |
| initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. | |||||
| CVE-2006-3531 | 1 Pivot | 1 Pivot | 2025-04-03 | 7.5 HIGH | N/A |
| includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters. | |||||
| CVE-2005-1914 | 1 Centericq | 1 Centericq | 2025-04-03 | 2.1 LOW | N/A |
| CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file. | |||||
| CVE-2002-0031 | 1 Yahoo | 1 Messenger | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend. | |||||
| CVE-2003-1174 | 1 Nullsoft | 1 Shoutcast Server | 2025-04-03 | 2.1 LOW | N/A |
| Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. | |||||
| CVE-2006-1701 | 1 Shadowed Portal | 1 Shadowed Portal | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitrary web script or HTML via the page parameter to load.php. | |||||
| CVE-2006-1804 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter. | |||||
| CVE-2002-0567 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2025-04-03 | 7.5 HIGH | N/A |
| Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process. | |||||
| CVE-2004-0072 | 1 Accipiter | 1 Accipiter Direct Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request. | |||||
| CVE-1999-0587 | 2025-04-03 | 10.0 HIGH | N/A | ||
| A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data. | |||||
| CVE-2006-4681 | 1 Ibm | 1 Director | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter. | |||||
| CVE-1999-0340 | 1 Slackware | 1 Slackware Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Linux Slackware crond program allows local users to gain root access. | |||||
| CVE-1999-0087 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. | |||||
| CVE-2002-1661 | 1 Leafnode | 1 Leafnode | 2025-04-03 | 5.0 MEDIUM | N/A |
| The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group. | |||||
| CVE-1999-1352 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
| mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges. | |||||