Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0536 | 1 Mediawiki | 1 Mediawiki | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion. | |||||
| CVE-2005-0773 | 1 Symantec Veritas | 1 Backup Exec | 2011-03-08 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument. | |||||
| CVE-2005-0933 | 1 Coinsoft Technologies | 1 Phpcoin | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter. | |||||
| CVE-2005-0111 | 1 Mysql | 1 Maxdb | 2011-03-08 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter. | |||||
| CVE-2004-2574 | 1 Phpgroupware | 1 Phpgroupware | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction. | |||||
| CVE-2005-0081 | 1 Mysql | 1 Maxdb | 2011-03-08 | 5.0 MEDIUM | N/A |
| MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers. | |||||
| CVE-2005-0134 | 1 Sco | 1 Unixware | 2011-03-08 | 4.6 MEDIUM | N/A |
| The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets. | |||||
| CVE-2004-2575 | 1 Phpgroupware | 1 Phpgroupware | 2011-03-08 | 5.0 MEDIUM | N/A |
| phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain sensitive information via a direct request to (1) hook_admin.inc.php, (2) hook_home.inc.php, (3) class.holidaycalc.inc.php, and (4) setup.inc.php.sample, which reveals the path in an error message. | |||||
| CVE-2005-0082 | 1 Mysql | 1 Maxdb | 2011-03-08 | 5.0 MEDIUM | N/A |
| The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash. | |||||
| CVE-2004-2568 | 1 Recipants | 1 Recipants | 2011-03-08 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user id, (2) recipe id, (3) category id, and (4) other ID number fields. | |||||
| CVE-2005-0035 | 1 Adobe | 1 Acrobat Reader | 2011-03-08 | 5.1 MEDIUM | N/A |
| The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile ActiveX method. | |||||
| CVE-2003-1232 | 1 Gnu | 1 Emacs | 2011-03-08 | 5.1 MEDIUM | N/A |
| Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. | |||||
| CVE-2003-0502 | 1 Apple | 1 Darwin Streaming Server | 2011-03-08 | 10.0 HIGH | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421. | |||||
| CVE-2003-0379 | 1 Apple | 1 Afp Server | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files. | |||||
| CVE-2002-2002 | 1 Compaq | 1 Tru64 | 2011-03-08 | 7.5 HIGH | N/A |
| Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables. | |||||
| CVE-2002-2005 | 1 Sun | 1 Java Web Start | 2011-03-08 | 7.5 HIGH | N/A |
| Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors. | |||||
| CVE-2002-1617 | 1 Hp | 1 Tru64 | 2011-03-08 | 7.2 HIGH | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm. | |||||
| CVE-2002-1581 | 2 Debian, Mailreader.com | 2 Debian Linux, Mailreader.com | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter. | |||||
| CVE-2002-1041 | 1 Ibm | 1 Aix | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. | |||||
| CVE-2002-0538 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2011-03-08 | 7.5 HIGH | N/A |
| FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. | |||||