Total
255314 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-3098 | 1 Qualcomm | 1 Qpopper | 2024-02-04 | 4.6 MEDIUM | N/A |
poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument. | |||||
CVE-2005-4092 | 1 Apple | 2 Itunes, Quicktime | 2024-02-04 | 7.5 HIGH | N/A |
Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. | |||||
CVE-2005-2595 | 1 Dada Mail | 1 Dada Mail | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages. | |||||
CVE-2006-3171 | 1 Comscripts | 1 Cs-forum | 2024-02-04 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in CS-Forum before 0.82 allows remote attackers to inject arbitrary email headers via a newline character in the email parameter to ajouter.php. | |||||
CVE-2005-0825 | 1 Lgames | 1 Ltris | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in LTris before 1.0.10 allows local users to execute arbitrary code via a crafted highscores file. | |||||
CVE-2006-2996 | 1 Lovecompass | 1 Aepartner | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in inc/design.inc.php in LoveCompass aePartner 0.8.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dir[data] parameter. | |||||
CVE-2005-0972 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 7.2 HIGH | N/A |
Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters. | |||||
CVE-2006-3258 | 1 Bnbt | 2 Easytracker, Trinedit | 2024-02-04 | 2.6 LOW | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in index.html in BNBT TrinEdit and EasyTracker 7.7r3.2004.10.27 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) filter or (2) sort parameters. | |||||
CVE-2006-4059 | 1 Usolved | 1 Newsolved Lite | 2024-02-04 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in USOLVED NEWSolved Lite 1.9.2, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) newsscript_lyt.php, (2) newsticker/newsscript_get.php, (3) inc/output/news_theme1.php, (4) inc/output/news_theme2.php, or (5) inc/output/news_theme3.php. | |||||
CVE-2006-1323 | 1 Webtoolmaster Software | 1 Winhki | 2024-02-04 | 5.1 MEDIUM | N/A |
Directory traversal vulnerability in WinHKI 1.6 and earlier allows user-assisted attackers to overwrite arbitrary files via a (1) RAR, (2) TAR, (3) ZIP, or (4) TAR.GZ archive with a file whose file name contains ".." sequences. | |||||
CVE-2004-0942 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters. | |||||
CVE-2005-2652 | 1 Phpoutsourcing | 1 Zorum | 2024-02-04 | 5.0 MEDIUM | N/A |
Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to (1) gorum/notification.php, (2) user.php, (3) attach.php, (4) blacklist.php, (5) zorum/forum.php, (6) globalstat.php, (7) gorum/trace.php, (8) gorum/badwords.php, or (9) gorum/flood.php. | |||||
CVE-2005-0390 | 1 Axel | 1 Axel | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code. | |||||
CVE-2006-4424 | 1 Coinsoft Technologies | 1 Phpcoin | 2024-02-04 | 5.1 MEDIUM | N/A |
PHP remote file inclusion vulnerability in coin_includes/constants.php in phpCOIN 1.2.3 allows remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter. | |||||
CVE-2005-4798 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client. | |||||
CVE-2005-1973 | 1 Sun | 1 J2se | 2024-02-04 | 5.1 MEDIUM | N/A |
Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges. | |||||
CVE-2006-3524 | 1 Sipfoundry | 1 Sipxtapi | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message. | |||||
CVE-2005-4084 | 1 Phpbb Styles | 1 Phpbb Extreme Styles | 2024-02-04 | 5.0 MEDIUM | N/A |
xs_edit.php in the phpBB eXtreme Styles module 2.2.1 and earlier allows remote attackers to obtain the installation path of the application via an invalid viewbackup parameter. | |||||
CVE-2005-0144 | 1 Mozilla | 2 Firefox, Mozilla | 2024-02-04 | 2.6 LOW | N/A |
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks. | |||||
CVE-2006-3735 | 1 Mail2forum | 1 Mail2forum | 2024-02-04 | 5.1 MEDIUM | N/A |
Multiple PHP remote file inclusion vulnerabilities in Mail2Forum (module for phpBB) 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the m2f_root_path parameter to (1) m2f/m2f_phpbb204.php, (2) m2f/m2f_forum.php, (3) m2f/m2f_mailinglist.php or (4) m2f/m2f_cron.php. |