Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29310 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-2208 1 Ideal Science 1 Idealbb 2025-04-03 5.0 MEDIUM N/A
CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors.
CVE-2006-0867 1 South River 1 Webdrive 2025-04-03 5.0 MEDIUM N/A
Buffer overflow in certain versions of South River (aka SRT) WebDrive, possibly version 6.08 build 1131 and version 8, allows remote attackers to cause a denial of service (application crash and persistent erratic behavior) via a long string in the name entry field.
CVE-2003-1069 1 Sun 2 Solaris, Sunos 2025-04-03 5.0 MEDIUM N/A
The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).
CVE-2006-3473 1 Drupal 1 Form Mail Module 2025-04-03 7.5 HIGH N/A
CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 allows remote attackers to inject e-mail headers, which facilitates sending spam messages, a different issue than CVE-2006-1225.
CVE-2006-2120 1 Libtiff 1 Libtiff 2025-04-03 2.1 LOW N/A
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
CVE-2005-0058 1 Microsoft 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more 2025-04-03 7.5 HIGH N/A
Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message.
CVE-2003-0288 1 Hiroaki Shirouzu 1 Ip Messenger 2025-04-03 10.0 HIGH N/A
Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 allows remote attackers to execute arbitrary code via file with a long filename, which triggers the overflow when the user saves the file.
CVE-2006-2141 1 Collaborative Portal Server Project 1 Collaborative Portal Server 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in popup_image in Collaborative Portal Server (CPS) 3.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the pos argument.
CVE-2006-2282 1 X7 Group 1 X7 Chat 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the avatar parameter in register.php.
CVE-2004-2538 1 Nilesh Dosooye 1 Phpcodegenie 2025-04-03 6.5 MEDIUM N/A
Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) footer.
CVE-2001-0699 1 Sun 1 Sunos 2025-04-03 7.2 HIGH N/A
Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument.
CVE-2006-1282 1 Mybulletinboard 1 Mybulletinboard 2025-04-03 4.3 MEDIUM N/A
CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages.
CVE-2004-1293 1 Rtf2latex2e 1 Rtf2latex2e 2025-04-03 10.0 HIGH N/A
Buffer overflow in the ReadFontTbl function in reader.c for rtf2latex2e 1.0fc2 allows remote attackers to execute arbitrary code via a crafted RTF file.
CVE-2006-1704 1 Hubert Plisson 1 Sire 2025-04-03 5.0 MEDIUM N/A
Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php.
CVE-2002-0648 1 Microsoft 1 Internet Explorer 2025-04-03 5.0 MEDIUM N/A
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.
CVE-2006-2875 1 Id Software 1 Quake 3 Engine 2025-04-03 7.5 HIGH N/A
Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion.
CVE-2002-0432 1 Citadel 1 Ux 2025-04-03 10.0 HIGH N/A
Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks such as a long HELO command to the SMTP server.
CVE-2004-1035 1 Imap Proxy 1 Imap Proxy 2025-04-03 6.4 MEDIUM N/A
Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service (server crash) and possibly leak sensitive information via certain literal values that are not properly handled when using the IMAP_Line_Read function.
CVE-2006-2825 1 Cpanel 1 Cpanel 2025-04-03 5.1 MEDIUM N/A
cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main server URL (such as ~username) that is blocked by the user's own open_basedir directive, but not the main server's open_basedir directive.
CVE-2001-0772 1 Hp 1 Hp-ux 2025-04-03 4.6 MEDIUM N/A
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.