Total
255393 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3121 | 1 High Availability Linux Project | 1 Heartbeat | 2024-02-04 | 5.0 MEDIUM | N/A |
| The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message. | |||||
| CVE-2005-2892 | 1 Pblang | 1 Pblang | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) in the u parameter. | |||||
| CVE-2004-2477 | 1 Diamondcs | 1 Process Guard Free | 2024-02-04 | 2.1 LOW | N/A |
| DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe. | |||||
| CVE-2006-1621 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-04 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin/folders/saveuploadfiles.asp in Hosting Controller 2002 RC 1 allows remote authenticated users to overwrite arbitrary files via an absolute path in the OpenPath parameter. | |||||
| CVE-2005-0933 | 1 Coinsoft Technologies | 1 Phpcoin | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter. | |||||
| CVE-2006-3632 | 1 Ethereal Group | 1 Ethereal | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. | |||||
| CVE-2006-0047 | 1 Freeciv | 1 Freeciv | 2024-02-04 | 5.0 MEDIUM | N/A |
| packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values. | |||||
| CVE-2004-2385 | 1 Emumail | 1 Emu Webmail | 2024-02-04 | 5.0 MEDIUM | N/A |
| EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | |||||
| CVE-2005-2887 | 1 Maxdev | 1 Md-pro | 2024-02-04 | 5.0 MEDIUM | N/A |
| MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) wiki.php, (2) AutoTheme directory, (3) Blocks directory, (4) admin.php, (5) pnadmin.php, or (6) Topics directory, which reveal the path in an error message. | |||||
| CVE-2005-3705 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors. | |||||
| CVE-2005-3413 | 1 Eyeos Project | 1 Eyeos | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the motd parameter. | |||||
| CVE-2005-0021 | 1 University Of Cambridge | 1 Exim | 2024-02-04 | 7.2 HIGH | N/A |
| Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function. | |||||
| CVE-2005-1549 | 1 Colored Scripts | 1 Easy Message Board | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to read arbitrary files via a .. (dot dot) in the print parameter. | |||||
| CVE-2006-4644 | 1 Phpfullannu | 1 Phpfullannu | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in modules/home.module.php in phpFullAnnu 5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the repmod parameter. | |||||
| CVE-2006-3975 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2024-02-04 | 7.5 HIGH | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote attackers to execute arbitrary code due to "improper bounds checking when processing certain user input." | |||||
| CVE-2005-1930 | 1 Trend Micro | 1 Serverprotect | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter. | |||||
| CVE-2005-2986 | 1 Ahnlab | 3 V3 Virusblock 2005, V3net, V3pro 2004 | 2024-02-04 | 7.5 HIGH | N/A |
| The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusBlock 2005 Build 6.0.0.383, V3Net for Windows Server 6.0 Build 6.0.0.383 does not properly validate the source of the DeviceIoControl commands, which allows remote attackers to gain privileges. | |||||
| CVE-2006-3162 | 1 Smartsitecms | 1 Smartsitecms | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/inc_foot.php in SmartSiteCMS 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | |||||
| CVE-2005-3076 | 1 Simplog | 1 Simplog | 2024-02-04 | 7.5 HIGH | N/A |
| Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error messages via invalid (1) pid, (2) blogid, (3) cid, or (4) m parameters to archive.php, or the (5) blogid parameter to blogadmin.php. | |||||
| CVE-2005-3972 | 1 Extreme Corporate | 1 Extreme Search | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in extremesearch.php in Extreme Search Corporate Edition 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||