Total
254946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0439 | 1 Stefan Ritt | 1 Elog Web Logbook | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names. | |||||
| CVE-2006-0853 | 1 Truenorth Software | 1 Ia Emailserver | 2024-02-04 | 6.5 MEDIUM | N/A |
| Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA) eMailserver 5.3.4 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long SEARCH argument. | |||||
| CVE-2006-1276 | 1 Himpfen Consulting | 1 Php Simplenews | 2024-02-04 | 10.0 HIGH | N/A |
| admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie. | |||||
| CVE-2006-4446 | 1 Microsoft | 1 Ie | 2024-02-04 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points. | |||||
| CVE-2005-1695 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-02-04 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_url parameter to magpie_slashbox.php, or the url parameter to (2) magpie_simple.php or (3) magpie_debug.php. | |||||
| CVE-2005-0401 | 1 Mozilla | 2 Firefox, Mozilla | 2024-02-04 | 5.1 MEDIUM | N/A |
| FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2." | |||||
| CVE-2005-0489 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.9 MEDIUM | N/A |
| The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory. | |||||
| CVE-2006-0608 | 1 Hinton Design | 1 Phphd | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to check.php or (2) unknown attack vectors to scripts that display information from the database. | |||||
| CVE-2006-3332 | 1 Phpoutsourcing | 1 Zorum | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to execute arbitrary SQL commands via the (1) offset, (2) tid, (3) fromid, (4) sortby, (5) fromfrommethod, and (6) fromfromlist parameters. | |||||
| CVE-2006-1758 | 1 Bill Shupp | 1 Vegadns | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Vegadns 0.99 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2006-0339 | 1 Bitcomet | 1 Bitcomet | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file. | |||||
| CVE-2006-3316 | 1 Spiffyjr | 1 Phpraid | 2024-02-04 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) logs.php and (2) users.php, a different set of vectors than CVE-2006-3116. | |||||
| CVE-2006-3567 | 1 Juniper | 1 Dx | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web administration interface logging feature in Juniper Networks (Redline) DX 5.1.x, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the username login field. | |||||
| CVE-2005-4686 | 1 Punbb | 1 Punbb | 2024-02-04 | 5.0 MEDIUM | N/A |
| PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows attackers to obtain unspecified sensitive information. | |||||
| CVE-2005-4611 | 1 Phpfreebies.com | 1 Free Clickbank | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter. | |||||
| CVE-2005-3296 | 1 Hp | 1 Hp-ux | 2024-02-04 | 10.0 HIGH | N/A |
| The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in. | |||||
| CVE-2005-2416 | 1 Astalavista It Engineering | 1 Contrexx | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog aggregation module. | |||||
| CVE-2005-4789 | 1 Suse | 1 Suse Linux | 2024-02-04 | 2.1 LOW | N/A |
| resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level. | |||||
| CVE-2005-0437 | 1 Awstats | 1 Awstats | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter. | |||||
| CVE-2006-0949 | 1 Raidenhttpd | 1 Raidenhttpd | 2024-02-04 | 5.0 MEDIUM | N/A |
| RaidenHTTPD 1.1.47 allows remote attackers to obtain source code of script files, including PHP, via crafted requests involving (1) "." (dot), (2) space, and (3) "/" (slash) characters. | |||||