Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4241 | 1 Mamboxchange | 1 Reporter | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3547 | 1 Vmware | 1 Player | 2025-04-03 | 5.5 Medium |
| EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed | ||||
| CVE-2006-4256 | 1 Horde | 1 Application Framework | 2025-04-03 | N/A |
| index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS. | ||||
| CVE-2001-0833 | 1 Oracle | 1 Database Server | 2025-04-03 | N/A |
| Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." | ||||
| CVE-2006-4266 | 1 Symantec | 1 Norton Personal Firewall | 2025-04-03 | N/A |
| Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product's functionality is intended to protect against privileged actions such as this. | ||||
| CVE-2001-0772 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges. | ||||
| CVE-2004-0887 | 2 Linux, Suse | 2 Linux Kernel, Suse Linux | 2025-04-03 | N/A |
| SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges. | ||||
| CVE-2006-4332 | 1 Wireshark | 1 Wireshark | 2025-04-03 | N/A |
| Unspecified vulnerability in the DHCP dissector in Wireshark (formerly Ethereal) 0.10.13 through 0.99.2, when run on Windows, allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a bug in Glib. | ||||
| CVE-2001-0770 | 1 Steve Poulsen | 1 Guildftpd | 2025-04-03 | N/A |
| Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to execute arbitrary code via a long SITE command. | ||||
| CVE-2001-0689 | 1 Trend Micro | 1 Virus Control System | 2025-04-03 | N/A |
| Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program. | ||||
| CVE-1999-0389 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| Buffer overflow in the bootp server in the Debian Linux netstd package. | ||||
| CVE-2006-4355 | 1 Drupal | 1 Drupal Easylinks Module | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2001-0688 | 1 Transsoft | 1 Broker Ftp Server | 2025-04-03 | N/A |
| Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command. | ||||
| CVE-2001-0605 | 1 Headlight Software | 1 Mygetright | 2025-04-03 | N/A |
| Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld (skins-data) file which contains long strings of random data. | ||||
| CVE-2006-4371 | 1 Alt-n | 1 Webadmin | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm. | ||||
| CVE-2006-4373 | 1 Derek Leung | 1 Pslash | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in modules/visitors2/include/config.inc.php in pSlash 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter. | ||||
| CVE-2001-0604 | 1 Lotus | 1 Domino R5 Server | 2025-04-03 | N/A |
| Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via URL requests (>8Kb) containing a large number of '/' characters. | ||||
| CVE-2001-0603 | 1 Lotus | 1 Domino R5 Server | 2025-04-03 | N/A |
| Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148. | ||||
| CVE-2006-4386 | 1 Apple | 1 Quicktime | 2025-04-03 | N/A |
| Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381. | ||||
| CVE-1999-1082 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready arbitrary files via a "......" (modified dot dot) attack. | ||||