Total
255390 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0366 | 1 Phpclanwebsite | 1 Phpclanwebsite | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a BBCode img tag. | |||||
| CVE-2006-0481 | 1 Greg Roelofs | 1 Libpng | 2024-02-04 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image. | |||||
| CVE-2006-0793 | 1 V-webmail | 1 V-webmail | 2024-02-04 | 5.0 MEDIUM | N/A |
| frameset.php in V-webmail 1.6.2 allows remote attackers to conduct phishing attacks by referencing arbitrary websites in the rframe parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-2074 | 1 Juniper | 1 Junose | 2024-02-04 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS "client code," as demonstrated by the OUSPG PROTOS DNS test suite. | |||||
| CVE-2005-4306 | 1 Focalmedia.net | 1 Sitenet Bbs | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SiteNet BBS 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pg, (2) tid, (3) cid, and (4) fid parameters to netboardr.cgi, or (5) cid parameter to search.cgi. | |||||
| CVE-2005-0942 | 1 Sybase | 1 Adaptive Server Enterprise | 2024-02-04 | 5.0 MEDIUM | N/A |
| The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 12.5.3 ESD#1 allows attackers to cause a denial of service (process crash) via malformed data sent to the XP Server TCP port. | |||||
| CVE-2005-4055 | 1 Cars Portal | 1 Cars Portal | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Cars Portal 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) page and (2) car parameters. | |||||
| CVE-2005-4794 | 1 Cisco | 7 Application And Content Networking Software, Ata, Ip Phone 7902 and 4 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. | |||||
| CVE-2006-2693 | 1 Nivisec | 1 Hacks List | 2024-02-04 | 7.1 HIGH | N/A |
| Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter. | |||||
| CVE-2005-3299 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-02-04 | 5.0 MEDIUM | N/A |
| PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform array. | |||||
| CVE-2006-3813 | 1 Redhat | 1 Enterprise Linux | 2024-02-04 | 2.1 LOW | N/A |
| A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information. | |||||
| CVE-2005-4396 | 1 Icms Content Management Systems | 1 Icms | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources. | |||||
| CVE-2005-1937 | 1 Mozilla | 2 Firefox, Mozilla | 2024-02-04 | 2.6 LOW | N/A |
| A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718. | |||||
| CVE-2005-2057 | 1 Ubbcentral | 1 Ubb.threads | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or HTML via the (1) Searchpage parameter to dosearch.php, (2) Number, (3) what, or (4) page parameter to newreply.php, (5) Number, (6) Board, or (7) what parameter to showprofile.php, (8) fpart or (9) page parameter to showflat.php, or (10) like parameter to showmembers.php. | |||||
| CVE-2005-3934 | 1 Symantec | 1 Pcanywhere | 2024-02-04 | 7.8 HIGH | N/A |
| Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors. | |||||
| CVE-2005-0948 | 1 Iatek | 1 Portalapp | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id parameter. | |||||
| CVE-2005-2657 | 1 Common-lisp-controller | 1 Common-lisp-controller | 2024-02-04 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before. | |||||
| CVE-2004-2624 | 1 Wackowiki | 1 Wackowiki | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in "TextSearch" in WackoWiki 3.5 allows remote attackers to inject arbitrary web script or HTML via the "phrase" parameter. | |||||
| CVE-2005-0755 | 1 Realnetworks | 3 Helix Player, Realone Player, Realplayer | 2024-02-04 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. | |||||
| CVE-2005-4288 | 1 Marmaraweb | 1 Marmaraweb E-commerce | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in MarmaraWeb E-commerce allows remote attackers to inject arbitrary web script or HTML via the page parameter to index.php. NOTE: this might be resultant from CVE-2005-4287. | |||||