Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-38696 | 1 Softvibe | 1 Saraban | 2024-02-14 | 5.0 MEDIUM | 7.5 HIGH |
| SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication. | |||||
| CVE-2000-0274 | 1 Bray Systems | 1 Linux Trustees | 2024-02-14 | 2.1 LOW | N/A |
| The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. | |||||
| CVE-2004-1140 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp. | |||||
| CVE-2007-0811 | 1 Microsoft | 1 Ie | 2024-02-14 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById. | |||||
| CVE-2006-5810 | 1 Xoops | 1 Xoops | 2024-02-14 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in modules/wfdownloads/newlist.php in XOOPS 1.0 allows remote attackers to inject arbitrary web script or HTML via the newdownloadshowdays parameter. | |||||
| CVE-2004-1334 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2024-02-14 | 2.1 LOW | N/A |
| Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. | |||||
| CVE-2005-2210 | 1 Tonec Inc. | 1 Internet Download Manager | 2024-02-14 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Internet Download Manager 4.05 allows remote attackers to execute arbitrary code via a long URL. | |||||
| CVE-2006-1956 | 2 Joomla, Mambo | 2 Joomla, Mambo | 2024-02-14 | 5.0 MEDIUM | N/A |
| The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message. | |||||
| CVE-2005-0704 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 7.5 HIGH | N/A |
| Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. | |||||
| CVE-2004-2364 | 1 Phpx | 1 Phpx | 2024-02-14 | 5.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php. | |||||
| CVE-2002-1934 | 1 Pingtel | 1 Xpressa | 2024-02-14 | 5.0 MEDIUM | N/A |
| Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leaks sensitive information during boot-up, which allows attackers to obtain the MD5 hash of the Admin password, MD5 hash of the physical password, and other registration information. | |||||
| CVE-2006-6084 | 1 Unverse.net | 1 Abitwhizzy | 2024-02-14 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in abitwhizzy.php in aBitWhizzy allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2006-3957 | 1 Bosdev | 1 Bosdates | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote attackers to execute arbitrary PHP code via a URL in the insPath parameter. | |||||
| CVE-2001-0947 | 1 Valicert | 1 Enterprise Validation Authority | 2024-02-14 | 7.5 HIGH | N/A |
| Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path. | |||||
| CVE-2006-1381 | 1 Trend Micro | 1 Officescan | 2024-02-14 | 10.0 HIGH | N/A |
| Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe. | |||||
| CVE-2005-0699 | 4 Altlinux, Conectiva, Ethereal Group and 1 more | 6 Alt Linux, Linux, Ethereal and 3 more | 2024-02-14 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values. | |||||
| CVE-2006-1207 | 1 Sergey Korostel | 1 Php Upload Center | 2024-02-14 | 5.0 MEDIUM | N/A |
| PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for the upload/users/[USERNAME] file. | |||||
| CVE-2006-6132 | 1 Softacid | 1 Link Exchange Lite | 2024-02-14 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Link Exchange Lite allow remote attackers to execute arbitrary SQL commands via (1) the search engine field to search.asp and (2) psearch parameter to linkslist.asp. | |||||
| CVE-2006-5236 | 1 4homepages | 1 4images | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter. | |||||
| CVE-2006-3250 | 1 Microsoft | 1 Windows Live Messenger | 2024-02-14 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user. | |||||