Total
29312 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0457 | 1 Debian | 1 Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion). | |||||
| CVE-2006-3820 | 1 Gerrit Van Aaken | 1 Loudblog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2002-1783 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions. | |||||
| CVE-2004-2625 | 1 Outblaze | 1 Outblaze Email | 2025-04-03 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Outblaze Email allows remote attackers to inject arbitrary web script or HTML via Javascript in an attribute of an IMG tag. | |||||
| CVE-2001-0681 | 1 Qpc Software | 2 Qvt Net, Qvt Term | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. | |||||
| CVE-2006-4076 | 1 Wim Fleischhauer | 1 Docpile We | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer docpile: wim's edition (docpile:we) 0.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the INIT_PATH parameter to (1) lib/access.inc.php, (2) lib/folders.inc.php, (3) lib/init.inc.php or (4) lib/templates.inc.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-1999-0579 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 10.0 HIGH | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | |||||
| CVE-2003-1319 | 1 Smartftp | 1 Smartftp | 2025-04-03 | 7.6 HIGH | N/A |
| Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow. | |||||
| CVE-2005-4239 | 1 Php Jackknife | 1 Php Jackknife | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sKeywords parameter. | |||||
| CVE-2004-0646 | 1 Macromedia | 2 Coldfusion, Jrun | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields. | |||||
| CVE-1999-1398 | 1 Sgi | 1 Irix | 2025-04-03 | 6.2 MEDIUM | N/A |
| Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. | |||||
| CVE-2006-3228 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file. | |||||
| CVE-2006-4552 | 1 Chxo | 1 Feedsplitter | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to inject arbitrary web script or HTML via the RSS feed. | |||||
| CVE-2005-0962 | 1 Lighthouse Development | 1 Squirrelcart | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action. | |||||
| CVE-2003-0604 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | 7.5 HIGH | N/A |
| Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. | |||||
| CVE-2005-1506 | 1 Cj | 1 Ultra Plus | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter. | |||||
| CVE-1999-0432 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| ftp on HP-UX 11.00 allows local users to gain privileges. | |||||
| CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | 4.6 MEDIUM | N/A |
| When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | |||||
| CVE-2004-2456 | 1 Minibb | 1 Minibb | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. | |||||
| CVE-2006-0378 | 1 Netrix | 1 X-site Manager | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Netrix X-Site Manager allows remote attackers to inject arbitrary web script or HTML via the product_id parameter, as originally demonstrated for a custom mp3players_details.php program. NOTE: the name of the affected program might be installation-dependent, but it has been identified as "product_details.php" by some sources. | |||||