Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3649 | 1 Moodle | 1 Moodle | 2025-04-03 | N/A |
| jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter. | ||||
| CVE-2000-0975 | 1 Anaconda Partners | 1 Foundation Directory | 2025-04-03 | N/A |
| Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2004-0417 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2025-04-03 | N/A |
| Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | ||||
| CVE-2005-3654 | 1 Bluecoat | 1 Webproxy | 2025-04-03 | N/A |
| Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the Telnet port (TCP 23), which corrupts the heap. | ||||
| CVE-2004-0426 | 2 Andrew Tridgell, Redhat | 2 Rsync, Enterprise Linux | 2025-04-03 | N/A |
| rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path. | ||||
| CVE-2005-3657 | 1 Mcafee | 2 Mcinsctl.dll, Virusscan Security Center | 2025-04-03 | N/A |
| The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object. | ||||
| CVE-2004-0432 | 3 Gentoo, Proftpd Project, Trustix | 3 Linux, Proftpd, Secure Linux | 2025-04-03 | N/A |
| ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. | ||||
| CVE-2004-0447 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. | ||||
| CVE-2004-0457 | 2 Oracle, Redhat | 2 Mysql, Enterprise Linux | 2025-04-03 | N/A |
| The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-3661 | 1 Dell | 1 Truemobile 2300 Wireless Broadband Router | 2025-04-03 | N/A |
| Dell TrueMobile 2300 Wireless Broadband Router running firmware 3.0.0.8 and 5.1.1.6, and possibly other versions, allows remote attackers to reset authentication credentials, then change configuration or firmware, via a direct request to apply.cgi with the Page parameter set to adv_password.asp. | ||||
| CVE-2004-0491 | 1 Redhat | 1 Enterprise Linux | 2025-04-03 | N/A |
| The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit. | ||||
| CVE-2001-0635 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords. | ||||
| CVE-2004-0524 | 1 Thiago Melo De Paula | 1 Change Passwd | 2025-04-03 | N/A |
| Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name. | ||||
| CVE-2005-3664 | 2 F-secure, Kaspersky Lab | 3 F-secure Anti-virus, Kaspersky Anti-virus, Kaspersky Anti-virus Personal | 2025-04-03 | N/A |
| Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file. | ||||
| CVE-2004-0543 | 1 Oracle | 2 Applications, E-business Suite | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries. | ||||
| CVE-2002-2041 | 1 Qnx | 1 Rtos | 2025-04-03 | N/A |
| Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer. | ||||
| CVE-2005-3673 | 1 Checkpoint | 5 Check Point, Express, Firewall-1 and 2 more | 2025-04-03 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2002-2043 | 1 Cyrus | 1 Sasl | 2025-04-03 | N/A |
| SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password. | ||||
| CVE-2002-2051 | 1 Modlogan | 1 Modlogan | 2025-04-03 | N/A |
| The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file. | ||||
| CVE-2002-2088 | 1 Mosix Project | 1 Clump Os | 2025-04-03 | N/A |
| The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access. | ||||