Total
254753 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1450 | 1 S9y | 1 Serendipity | 2024-02-04 | 7.5 HIGH | N/A |
| Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact. | |||||
| CVE-2005-4436 | 1 Extended Interior Gateway Routing Protocol | 1 Extended Interior Gateway Routing Protocol | 2024-02-04 | 7.8 HIGH | N/A |
| Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) mismatched k values or (2) "goodbye message" Type-Length-Value (TLV). | |||||
| CVE-2005-1026 | 2 Dlman Pro, Linkz Pro | 2 Dlman Pro, Linkz Pro | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to dlman.php in DLMan Pro or (2) id parameter to links.php in Linkz Pro (aka LinksLinks Pro). | |||||
| CVE-2005-4439 | 1 Elog | 1 Elogd | 2024-02-04 | 7.8 HIGH | N/A |
| Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a URL with a long (1) cmd or (2) mode parameter. | |||||
| CVE-2006-2947 | 1 Dmx Forum | 1 Dmx Forum | 2024-02-04 | 5.0 MEDIUM | N/A |
| Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter. | |||||
| CVE-2005-2411 | 1 Tdiary | 1 Tdiary | 2024-02-04 | 5.1 MEDIUM | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user. | |||||
| CVE-2005-2565 | 1 Gravity Board X Development Team | 1 Gravity Board X | 2024-02-04 | 5.0 MEDIUM | N/A |
| Gravity Board X (GBX) 1.1 allows remote attackers to obtain sensitive information via (1) a 1 in the perm parameter to deletethread.php or a direct request to (2) ban.php, (3) addnews.php, (4) banned.php, (5) boardstats.php, (6) adminform.php, (7) /forms/admininfo.php, (8) /forms/announcements.php, (9) forms/banform.php, or (10) other pages in the /forms directory, which reveal the path in an error message. | |||||
| CVE-2005-3390 | 1 Php | 1 Php | 2024-02-04 | 7.5 HIGH | N/A |
| The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field. | |||||
| CVE-2005-4005 | 1 Php Fusion | 1 Php Fusion | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to obtain path information and possibly execute arbitrary SQL commands via the srch_text parameter in a Search and Sort option to messages.php. | |||||
| CVE-2005-0865 | 1 Securecomputing | 1 Samsung Adsl Modem | 2024-02-04 | 7.5 HIGH | N/A |
| Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) root, (2) admin, or (3) user users, which allows remote attackers to gain privileges via Telnet or an HTTP request to adsl.cgi. | |||||
| CVE-2006-4442 | 1 Clemens Wacha | 1 Php Iaddressbook | 2024-02-04 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.95 allows remote attackers to inject arbitrary web script or HTML via the cat_name parameter, related to adding a category. (categories field). NOTE: some details are obtained from third party information. | |||||
| CVE-2005-4250 | 1 Mcgallery | 1 Mcgallery Pro | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to read arbitrary files via the language parameter. | |||||
| CVE-2006-3497 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-04 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in the "compression state handling" in Bom for Apple Mac OS X 10.3.9 and 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Zip archive. | |||||
| CVE-2006-4320 | 1 Opensef Project | 1 Opensef | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in sef.php in the OpenSEF 2.0.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2005-2340 | 1 Apple | 1 Quicktime | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field. | |||||
| CVE-2005-0074 | 1 Xpcd | 1 Xpcd | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code. | |||||
| CVE-2005-1803 | 1 Net Portal Dynamic System | 1 Net Portal Dynamic System | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php. | |||||
| CVE-2005-1923 | 1 Clam Anti-virus | 1 Clamav | 2024-02-04 | 2.6 LOW | N/A |
| The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read. | |||||
| CVE-2005-1041 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
| The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | |||||
| CVE-2006-1814 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 2.1 LOW | N/A |
| NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory. | |||||