Total
254920 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1655 | 1 Mpg123 | 1 Mpg123 | 2024-02-04 | 6.5 MEDIUM | N/A |
| Multiple buffer overflows in mpg123 0.59r allow user-assisted attackers to trigger a segmentation fault and possibly have other impacts via a certain MP3 file, as demonstrated by mpg1DoS3. NOTE: this issue might be related to CVE-2004-0991, but it is not clear. | |||||
| CVE-2005-0770 | 1 Datarescue | 1 Ida Pro | 2024-02-04 | 7.5 HIGH | N/A |
| Format string vulnerability in DataRescue Interactive Disassembler and Debugger (IDA) Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service (CPU consumption or application crash) and possibly execute arbitrary code via format string specifiers in a dynamic link library (DLL) name. | |||||
| CVE-2005-1012 | 1 Iatek | 1 Siteenable | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via (1) the contenttype parameter to content.asp, (2) the title, or (3) the description. | |||||
| CVE-2005-1683 | 1 Microsoft | 1 Word | 2024-02-04 | 2.6 LOW | N/A |
| Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file. | |||||
| CVE-2006-0013 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2024-02-04 | 6.5 MEDIUM | N/A |
| Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207. | |||||
| CVE-2006-4599 | 1 Autentificator | 1 Autentificator | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in aut_verifica.inc.php in Autentificator 2.01 allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2005-4571 | 1 Myezshop | 1 Myezshop Shopping Cart | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-3306 | 1 Flatnuke | 1 Flatnuke | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the user parameter in a profile operation, a different vulnerability than CVE-2005-2814. NOTE: it is possible that this XSS is a resultant vulnerability of CVE-2005-3307. | |||||
| CVE-2004-2508 | 1 Linksys | 1 Wvc11b | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter. | |||||
| CVE-2005-1055 | 1 Towerblog | 1 Towerblog | 2024-02-04 | 7.5 HIGH | N/A |
| TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the _dat/login file. | |||||
| CVE-2006-4738 | 1 Jetbox | 1 Jetbox Cms | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter. NOTE: The relative_script_path vector is already covered by CVE-2006-2270. | |||||
| CVE-2006-1335 | 1 Gnome | 1 Screensaver | 2024-02-04 | 3.7 LOW | N/A |
| gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled, allows attackers with physical access to cause the screensaver to crash and access the session via the Ctl+Alt+Keypad-Multiply keyboard sequence, which removes the grab from gnome. | |||||
| CVE-2005-1294 | 1 Nokia | 1 Affix | 2024-02-04 | 7.2 HIGH | N/A |
| The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket call with a negative protocol value, which is used as an array index. | |||||
| CVE-2006-2129 | 1 Deltascripts | 1 Pro Publish | 2024-02-04 | 5.5 MEDIUM | N/A |
| Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in set_inc.php. | |||||
| CVE-2006-1010 | 1 Crossfire | 1 Crossfire | 2024-02-04 | 6.4 MEDIUM | N/A |
| Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request. | |||||
| CVE-2006-2781 | 1 Mozilla | 2 Seamonkey, Thunderbird | 2024-02-04 | 6.4 MEDIUM | N/A |
| Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters. | |||||
| CVE-2005-0196 | 1 Cisco | 1 Ios | 2024-02-04 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet. | |||||
| CVE-2006-0862 | 1 Infovista | 1 Portalse | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL. | |||||
| CVE-2005-1410 | 2 Postgresql, Trustix | 2 Postgresql, Secure Linux | 2024-02-04 | 2.1 LOW | N/A |
| The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments. | |||||
| CVE-2005-3190 | 1 Broadcom | 1 Igateway | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests. | |||||