Total
254968 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2591 | 1 Buttuglysoftware | 1 Cleancache | 2024-02-04 | 2.1 LOW | N/A |
| The data-overwrite capability of ButtUglySoftware CleanCache 2.19 does not properly overwrite data in files, which allows attackers to recover the data. | |||||
| CVE-2005-1859 | 1 Sgi | 1 Propack | 2024-02-04 | 7.2 HIGH | N/A |
| Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array. | |||||
| CVE-2005-3891 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2024-02-04 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer. | |||||
| CVE-2006-2121 | 1 I-rater | 1 I-rater Platinum | 2024-02-04 | 5.0 MEDIUM | N/A |
| PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929. | |||||
| CVE-2006-1430 | 1 Controlzx | 1 Hms | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS (formerly DRZES) 3.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dedicatedPlanID parameter to dedicated_order.php, (2) sharedPlanID parameter to shared_order.php, (3) plan_id parameter to customers/server_management.php, and (4) email field to customers/forgotpass.php. | |||||
| CVE-2004-2280 | 1 Ibm | 1 Lotus Notes | 2024-02-04 | 5.0 MEDIUM | N/A |
| Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. | |||||
| CVE-2005-2658 | 1 Softwolves Software | 1 Turquoise Superstat | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month. | |||||
| CVE-2006-2973 | 1 Php Lite | 1 Calendar Express | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in month.php in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) catid and (2) cid parameter. NOTE: this might be a duplicate of CVE-2005-4009.c. | |||||
| CVE-2006-2887 | 1 Aspburst | 1 Mynewsletter | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the UserName parameter in (1) validatelogin.asp or (2) adminlogin.asp. | |||||
| CVE-2006-1031 | 1 Igenus | 1 Igenus Webmail | 2024-02-04 | 7.5 HIGH | N/A |
| config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter. | |||||
| CVE-2005-2488 | 1 Web Content Management | 1 Web Content Management News System | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Web Content Management News System allows remote attackers to inject arbitrary web script or HTML via (1) the strRootpath parameter to validsession.php or (2) the strTable parameter to Admin/News/List.php. | |||||
| CVE-2005-0880 | 1 Vortex Portal | 1 Vortex Portal | 2024-02-04 | 5.0 MEDIUM | N/A |
| content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid act parameter, which leaks the full pathname in a PHP error message. | |||||
| CVE-2005-2156 | 1 Phpnews | 1 Phpnews | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in PHPNews 1.2.5 allows remote attackers to execute arbitrary SQL commands via the prevnext parameter. | |||||
| CVE-2005-0961 | 1 Horde | 1 Application Framework | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title. | |||||
| CVE-2005-4012 | 1 Php Web | 1 Statistik | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statistik 1.4 allows remote attackers to inject arbitrary web script or HTML via (1) the lastnumber parameter to stat.php and (2) the HTTP referer to pixel.php. | |||||
| CVE-2006-1294 | 1 Knowledgebasepublisher | 1 Knowledgebasepublisher | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter. | |||||
| CVE-2005-1424 | 1 Stumbleinside | 1 Gotext | 2024-02-04 | 2.1 LOW | N/A |
| StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information. | |||||
| CVE-2005-2115 | 1 Raven Software | 1 Soldier Of Fortune 2 | 2024-02-04 | 5.0 MEDIUM | N/A |
| Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause a denial of service (server crash) via a large ID value in the ignore command, which is used as an array index and causes an out-of-bounds operation. | |||||
| CVE-2005-3486 | 1 Scorched 3d | 1 Scorched 3d | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, and possibly other unspecified vectors. | |||||
| CVE-2006-3407 | 1 Tor | 1 Tor | 2024-02-04 | 6.4 MEDIUM | N/A |
| Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via strings with non-printable characters. | |||||