Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1493 | 1 Nikolay Avrionov | 1 Explorer Xp | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP allows remote attackers to inject arbitrary web script or HTML via the chemin parameter. NOTE: it is possible that this issue is resultant from CVE-2006-1492. | ||||
| CVE-2006-1507 | 1 Phpkit | 1 Phpkit | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the error parameter to include.php, possibly due to a problem in login/login.php. | ||||
| CVE-2004-0083 | 3 Openbsd, Redhat, Xfree86 Project | 4 Openbsd, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106. | ||||
| CVE-2004-0106 | 3 Openbsd, Redhat, Xfree86 Project | 4 Openbsd, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | ||||
| CVE-2005-3556 | 1 Tincan | 1 Phplist | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php, (3) title field in (c) admin/template.php, (4) filter, (5) delete, and (6) start parameters in (d) admin/eventlog.php, (7) id parameter in (e) admin/configure.php, (8) find parameter in (f) admin/users.php, (9) start parameter in (g) admin/admin.php, and (10) action parameter in (h) admin/fckphplist.php. | ||||
| CVE-2004-0125 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table. | ||||
| CVE-2004-0152 | 1 Emil | 1 Emil | 2025-04-03 | N/A |
| Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames. | ||||
| CVE-2004-0172 | 1 Juan Cespedes | 1 Ltrace | 2025-04-03 | N/A |
| Heap-based buffer overflow in the search_for_command function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a setuid program, so this candidate might be REJECTed. | ||||
| CVE-2001-0558 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | N/A |
| T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0). | ||||
| CVE-2005-3581 | 1 Gdal | 1 Gdal | 2025-04-03 | N/A |
| GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime. | ||||
| CVE-2005-3585 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-03 | N/A |
| SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | ||||
| CVE-2005-3594 | 1 E107 | 1 E107 | 2025-04-03 | N/A |
| game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables. | ||||
| CVE-2001-0585 | 1 Gordano | 1 Ntmail | 2025-04-03 | N/A |
| Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000. | ||||
| CVE-2004-0259 | 1 Joe Lumbroso Acks | 1 Formmail.php | 2025-04-03 | N/A |
| The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting (XSS) issue. | ||||
| CVE-2006-0777 | 1 Teca Scripts | 1 Guestex | 2025-04-03 | N/A |
| Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters. | ||||
| CVE-2006-1527 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function. | ||||
| CVE-2001-0587 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | ||||
| CVE-2006-3022 | 1 Fipsasp | 1 Fipsgallery | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter. | ||||
| CVE-2004-0291 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter. | ||||
| CVE-2004-0315 | 1 Avirt | 1 Voice | 2025-04-03 | N/A |
| Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long GET request on port 1080. | ||||