Total
255508 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0078 | 3 Debian, Kde, Redhat | 5 Debian Linux, Kde, Enterprise Linux and 2 more | 2024-02-04 | 4.6 MEDIUM | N/A |
| The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. | |||||
| CVE-2006-3970 | 1 Joomla | 1 Lmo | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2006-0380 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 2.1 LOW | N/A |
| A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory. | |||||
| CVE-2006-3306 | 1 Zoid Technologies | 1 Project Eros Bbsengine | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the preparestring function in lib/common.php in Project EROS bbsengine before 20060501-0142-jam, and possibly earlier versions dating back to 2006-02-23, might allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-0902 | 1 Nukebookmarks | 1 Nukebookmarks | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2005-1609 | 1 Sun | 1 Storedge 6130 Arrays | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G and 0513AWF00J allows local users and remote attackers to delete data. | |||||
| CVE-2006-2371 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." | |||||
| CVE-2005-2499 | 1 Slocate | 1 Slocate | 2024-02-04 | 2.1 LOW | N/A |
| slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure. | |||||
| CVE-2004-1301 | 1 Xlreader | 1 Xlreader | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the book_format_sql function in format.c for xlreader 0.9.0 allows remote attackers to execute arbitrary code via a crafted Excel (XLS) file. | |||||
| CVE-2005-2399 | 1 Php Surveyor | 1 Php Surveyor | 2024-02-04 | 7.5 HIGH | N/A |
| PHP Surveyor 0.98 allows remote attackers to trigger SQL errors via missing parameters to (1) browse.php, (2) export.php, (3) conditions.php, or (4) spss.php. | |||||
| CVE-2006-0899 | 1 4images | 1 Image Gallery Management System | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers to read and include arbitrary files via ".." (dot dot) sequences in the template parameter. | |||||
| CVE-2005-2944 | 1 Brent Ely | 1 Gnome Workstation Command Center | 2024-02-04 | 4.6 MEDIUM | N/A |
| The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file. | |||||
| CVE-2006-1000 | 1 G2soft | 1 Pentacle In-out Board | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp. | |||||
| CVE-2005-4479 | 1 Phpslash | 1 Phpslash | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. | |||||
| CVE-2005-4053 | 1 Cowiki | 1 Cowiki | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in coWiki 0.3.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter, as demonstrated using 26.html. | |||||
| CVE-2005-2901 | 1 Cj Desing | 1 Cjweb2mail | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple Cross-site scripting (XSS) vulnerabilities in CjWeb2Mail 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) message, or (3) ip parameter to thankyou.php or (4) emsg parameter to web2mail.php. | |||||
| CVE-2006-3678 | 1 3com | 1 Tippingpoint Ips Tos | 2024-02-04 | 5.0 MEDIUM | N/A |
| TippingPoint IPS running the TippingPoint Operating System (TOS) before 2.2.4.6519 allows remote attackers to "force the device into layer 2 fallback (L2FB)", causing a denial of service (page fault), via a malformed packet. | |||||
| CVE-2006-3851 | 1 X7 Group | 1 X7 Chat | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter. | |||||
| CVE-2006-3464 | 1 Libtiff | 1 Libtiff | 2024-02-04 | 7.5 HIGH | N/A |
| TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations". | |||||
| CVE-2005-1270 | 1 Gentoo | 1 Rootkit Hunter | 2024-02-04 | 2.1 LOW | N/A |
| The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. | |||||