Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0072 | 1 Microsoft | 1 Internet Explorer | 2024-02-14 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of service (application crash) via an onload=screen[""] attribute value in a BODY element. | |||||
| CVE-2003-0431 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 10.0 HIGH | N/A |
| The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences. | |||||
| CVE-2004-0504 | 2 Ethereal Group, Sgi | 2 Ethereal, Propack | 2024-02-14 | 5.0 MEDIUM | N/A |
| Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients. | |||||
| CVE-2006-4893 | 1 Phpbb Xs | 1 Phpbb Xs | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_usage_stats.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780. | |||||
| CVE-2005-0007 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion). | |||||
| CVE-2005-3247 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||||
| CVE-2006-5154 | 1 Deluxebb | 1 Deluxebb | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatefolder parameter. | |||||
| CVE-2005-2166 | 1 Frozenplague.net | 1 Plague News System | 2024-02-14 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2005-3514 | 1 Chipmunk Scripts | 1 Chipmunk Forum | 2024-02-14 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Forum script allow remote attackers to inject arbitrary web script or HTML via the forumID parameter to (1) newtopic.php, (2) quote.php, (3) index.php, and (4) reply.php. | |||||
| CVE-2007-2457 | 1 Pixaria | 1 Pixaria Gallery | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery before 1.4.3 allows remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter. | |||||
| CVE-2005-2373 | 1 Whitsoft Development | 1 Slimftpd | 2024-02-14 | 7.2 HIGH | N/A |
| Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands. | |||||
| CVE-2005-3924 | 1 Randshop | 1 Randshop | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in themes/kategorie/index.php in Randshop allows remote attackers to execute arbitrary SQL commands via the (1) kategorieid and (2) katid parameters. | |||||
| CVE-2005-0832 | 1 Php-post | 1 Php-post Web Forum | 2024-02-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-2491 | 1 Pcre | 1 Pcre | 2024-02-14 | 7.5 HIGH | N/A |
| Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | |||||
| CVE-2006-6066 | 1 Dragon Internet | 1 Events Listing | 2024-02-14 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) admin_login.asp, the (3) ID parameter to (b) event_searchdetail.asp, or the (4) VenueID parameter to (c) venue_detail.asp. | |||||
| CVE-2006-6082 | 1 Creascripts | 1 Creadirectory | 2024-02-14 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp. | |||||
| CVE-2007-1324 | 1 Snapgear | 6 560, 580, 585 and 3 more | 2024-02-14 | 5.0 MEDIUM | N/A |
| SnapGear 560, 585, 580, 640, 710, and 720 appliances before the 3.1.4u5 firmware allow remote attackers to cause a denial of service (complete packet loss) via a packet flood, a different vulnerability than CVE-2006-4613. | |||||
| CVE-2005-3968 | 1 Phpx | 1 Phpx | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier allows remote attackers to execute arbitrary SQL commands, bypass authentication, and upload arbitrary PHP code via the username parameter. | |||||
| CVE-2005-3515 | 1 Chipmunk Scripts | 1 Chipmunk Topsites | 2024-02-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | |||||
| CVE-2005-1469 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer. | |||||