Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1667 | 1 Gearbox Software | 1 Halo Combat Evolved | 2025-04-03 | N/A |
| Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response. | ||||
| CVE-2005-4142 | 1 Lyris Technologies Inc | 1 Listmanager | 2025-04-03 | N/A |
| The web interface for subscribing new users in Lyris ListManager 5.0 through 8.8b, in combination with a line wrap feature, allows remote attackers to execute arbitrary list administration commands via LFCR (%0A%0D) sequences in the pw parameter. NOTE: it is not clear whether this is a variant of a CRLF injection vulnerability. | ||||
| CVE-2001-1162 | 3 Hp, Redhat, Samba | 3 Cifs-9000 Server, Linux, Samba | 2025-04-03 | N/A |
| Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | ||||
| CVE-2004-1671 | 1 Icewarp | 1 Web Mail | 2025-04-03 | N/A |
| Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to gain sensitive information via a direct request to (1) accountsettings_add.html or (2) topmenu.html. | ||||
| CVE-2005-4151 | 1 Pgp | 1 Desktop | 2025-04-03 | N/A |
| The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slack space in the last cluster for the file, which allows local users to access the previous contents of the disk. | ||||
| CVE-2004-1676 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | N/A |
| Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message. | ||||
| CVE-2004-1690 | 1 Rhinosoft | 1 Dns4me | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL. | ||||
| CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2025-04-03 | N/A |
| The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2005-4163 | 1 Milky | 1 Captcha Php | 2025-04-03 | N/A |
| Directory traversal vulnerability in captcha.php in Captcha PHP 0.9 allows remote attackers to read arbitrary files via the _tcf parameter. | ||||
| CVE-2001-1168 | 1 Phpmyexplorer | 2 Phpmyexplorer Classic, Phpmyexplorer Multiuser | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter. | ||||
| CVE-2001-1169 | 1 Bell Communications Research | 1 S Key | 2025-04-03 | N/A |
| keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo. | ||||
| CVE-2003-0144 | 4 Bsd, Freebsd, Lprold and 1 more | 4 Lpr, Freebsd, Lprold and 1 more | 2025-04-03 | N/A |
| Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. | ||||
| CVE-2003-0151 | 1 Bea | 1 Weblogic Server | 2025-04-03 | N/A |
| BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code. | ||||
| CVE-2006-4479 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual Shapers ezContents 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the subgroupname parameter. | ||||
| CVE-2001-1170 | 1 Amtote International | 1 Homebet | 2025-04-03 | N/A |
| AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, which allows remote attackers to steal account and PIN numbers. | ||||
| CVE-2002-0947 | 1 Oracle | 2 Application Server, Reports | 2025-04-03 | N/A |
| Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter. | ||||
| CVE-2004-1717 | 1 Gv | 1 Gv | 2025-04-03 | N/A |
| Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value. | ||||
| CVE-2005-4165 | 1 Asp-dev | 1 Asp Resources Forum | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in ASP-DEV ASP Resources Forum allow remote attackers to execute arbitrary SQL commands via the (1) forum_id parameter to forum.asp, (2) unspecified parameters to register.asp, and (3) the "Search For" field in search.asp. | ||||
| CVE-2001-1181 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges. | ||||
| CVE-2001-1182 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges. | ||||