Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0690 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | N/A |
| Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings. | ||||
| CVE-2005-2945 | 1 Arc | 1 Arc | 2025-04-03 | N/A |
| arc 5.21j and earlier create temporary files with world-readable permissions, which allows local users to read sensitive information from files created by (1) arc (arc.c) or (2) marc (marc.c). | ||||
| CVE-2005-2973 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash). | ||||
| CVE-2006-0607 | 1 Hinton Design | 1 Phphd | 2025-04-03 | N/A |
| check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, which allows remote attackers to bypass authentication. | ||||
| CVE-2006-0611 | 1 Atmail | 1 Atmail | 2025-04-03 | N/A |
| Directory traversal vulnerability in compose.pl in @Mail 4.3 and earlier for Windows allows remote attackers to upload arbitrary files to arbitrary locations via a .. (dot dot) in the unique parameter. | ||||
| CVE-2005-2986 | 1 Ahnlab | 3 V3 Virusblock 2005, V3net, V3pro 2004 | 2025-04-03 | N/A |
| The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusBlock 2005 Build 6.0.0.383, V3Net for Windows Server 6.0 Build 6.0.0.383 does not properly validate the source of the DeviceIoControl commands, which allows remote attackers to gain privileges. | ||||
| CVE-2002-0691 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. | ||||
| CVE-2005-3002 | 1 Xclusive-software | 1 Mccs | 2025-04-03 | N/A |
| Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet. | ||||
| CVE-2005-3016 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors. | ||||
| CVE-2005-3017 | 1 Content2web | 1 Content2web | 2025-04-03 | N/A |
| PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS). | ||||
| CVE-2006-0618 | 1 Qnx | 1 Neutrino Rtos | 2025-04-03 | N/A |
| Format string vulnerability in fontsleuth in QNX Neutrino RTOS 6.3.0 allows local users to execute arbitrary code via format string specifiers in the zeroth argument (program name). | ||||
| CVE-2005-3022 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, (2) userid parameter to user.php, (3) calendar parameter to admincalendar.php, (4) cronid parameter to cronlog.php, (5) usergroupid parameter to email.php, (6) help parameter to help.php, (7) rvt parameter to language.php, (8) keep parameter to phrase.php, or (9) updateprofilepic parameter to usertools.php. | ||||
| CVE-2006-0624 | 1 Webeveyn | 1 Whomp Real Estate Manager Xp 2005 | 2025-04-03 | N/A |
| SQL injection vulnerability in check.asp in Whomp Real Estate Manager XP 2005 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2002-0700 | 1 Microsoft | 1 Content Management Server | 2025-04-03 | N/A |
| Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server (MCMS) 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise." | ||||
| CVE-2005-3027 | 1 Sybari | 1 Antigen | 2025-04-03 | N/A |
| Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which allows remote attackers to bypass custom filter rules and send file attachments of arbitrary file types via a message with a subject of "Antigen forwarded attachment". | ||||
| CVE-2006-0642 | 1 Trend Micro | 3 Interscan Messaging Security Suite, Interscan Web Security Suite, Serverprotect | 2025-04-03 | N/A |
| Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE. | ||||
| CVE-2006-1276 | 1 Himpfen Consulting | 1 Php Simplenews | 2025-04-03 | N/A |
| admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie. | ||||
| CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2025-04-03 | N/A |
| ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | ||||
| CVE-2006-1284 | 1 Symantec | 2 Ghost Solutions Suite, Norton Ghost | 2025-04-03 | N/A |
| The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks. | ||||
| CVE-2005-3064 | 1 Multitheftauto | 1 Multitheftauto | 2025-04-03 | N/A |
| MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt). | ||||