Total: 254946 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-3376 | 1 Wvware | 2 Libwmf, Wv2 | 2024-02-04 | 7.5 HIGH | N/A |
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file. | |||||
CVE-2006-4016 | 1 Toenda Software Development | 1 Toendacms | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS stable 1.0.3 and earlier, and unstable 1.1 and earlier, allows remote attackers to inject arbitrary web script or HTML via the s parameter. | |||||
CVE-2006-0865 | 1 Punbb | 1 Punbb | 2024-02-04 | 5.0 MEDIUM | N/A |
PunBB 1.2.10 and earlier allows remote attackers to cause a denial of service (resource consumption) by registering many user accounts quickly. | |||||
CVE-2006-3779 | 1 Citrix | 3 Metaframe, Metaframe Presentation Server, Presentation Server | 2024-02-04 | 6.5 MEDIUM | N/A |
Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a registry key with an insecure ACL, which allows remote authenticated users to gain privileges. | |||||
CVE-2004-2672 | 1 Argosoft | 1 Ftp Server | 2024-02-04 | 7.5 HIGH | N/A |
Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors. | |||||
CVE-2006-0229 | 1 Wehnus | 1 Wehntrust | 2024-02-04 | 2.1 LOW | N/A |
Unquoted Windows search path vulnerability in Wehntrust might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when Wehntrust creates the autostart key. | |||||
CVE-2006-3869 | 1 Microsoft | 1 Ie | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions of the MS06-042 patch before 20060824, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL on a website that uses HTTP 1.1 compression. | |||||
CVE-2006-2789 | 1 Gnome | 1 Evolution | 2024-02-04 | 2.6 LOW | N/A |
Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used. | |||||
CVE-2006-1963 | 1 Pcpin | 1 Pcpin Chat | 2024-02-04 | 5.5 MEDIUM | N/A |
Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code. | |||||
CVE-2005-3724 | 1 Zyxel | 2 P2000w Version 1 Voip Wifi Phone, Prestige 2000w V.1voip Wi-fi Phone | 2024-02-04 | 6.4 MEDIUM | N/A |
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication. | |||||
CVE-2006-2928 | 1 Cms-bandits | 1 Cms-bandits | 2024-02-04 | 5.1 MEDIUM | N/A |
Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter in (1) dialogs/img.php and (2) dialogs/td.php. | |||||
CVE-2006-1062 | 1 Lurker | 1 Lurker | 2024-02-04 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier allows attackers to read arbitrary files via unknown vectors. | |||||
CVE-2005-3664 | 2 F-secure, Kaspersky Lab | 3 F-secure Anti-virus, Kaspersky Anti-virus, Kaspersky Anti-virus Personal | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file. | |||||
CVE-2006-3424 | 1 Webex Communications | 1 Webex Downloader Activex Control | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in WebEx Downloader ActiveX Control, possibly in versions before November 2005, allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2005-0185 | 1 Mnet Soft Factory | 1 Nodemanager Professional | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field. | |||||
CVE-2006-3804 | 1 Mozilla | 2 Seamonkey, Thunderbird | 2024-02-04 | 5.0 MEDIUM | N/A |
Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow. | |||||
CVE-2006-1186 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 10.0 HIGH | N/A |
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption. | |||||
CVE-2006-3114 | 1 Pc Tools | 1 Pc Tools Antivirus | 2024-02-04 | 4.6 MEDIUM | N/A |
PC Tools AntiVirus 2.1.0.51 uses insecure default permissions on the "PC Tools AntiVirus" directory, which allows local users to gain privileges and execute commands. | |||||
CVE-2005-0130 | 1 Berlios | 1 Konversation | 2024-02-04 | 7.5 HIGH | N/A |
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts. | |||||
CVE-2005-1721 | 1 Apple | 1 Afp Server | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code. |