Total
29737 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1296 | 1 Efs Software | 1 Efs Web Server | 2025-04-03 | N/A |
| Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of service via (1) an "empty symbol" in the Title field or (2) certain data in the Your Message field, possibly a long argument. | ||||
| CVE-2004-0985 | 1 Microsoft | 1 Ie | 2025-04-03 | N/A |
| Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help. | ||||
| CVE-2004-2202 | 1 Duware | 1 Duclassified | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (1) cat_id or (2) sub_id parameters in adDetail.asp, or (2) the password parameter in the login form. | ||||
| CVE-2003-1305 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page. | ||||
| CVE-2004-0987 | 2 Yard Radius, Yard Radius Project | 2 Yard Radius, Yard Radius | 2025-04-03 | N/A |
| Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-0292 | 1 Php Gift Registry | 1 Phpgiftreg | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the (1) messageid, (2) shopper, (3) shopfor, or (4) itemid parameters. | ||||
| CVE-2004-0992 | 1 Proxytunnel | 1 Proxytunnel | 2025-04-03 | N/A |
| Format string vulnerability in the -a option (daemon mode) in Proxytunnel before 1.2.3 allows remote attackers to execute arbitrary code via format string specifiers in an invalid proxy answer. | ||||
| CVE-2004-2212 | 1 Alivesites | 1 Alivesites Forum | 2025-04-03 | N/A |
| SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forum_id parameter. | ||||
| CVE-2003-1316 | 1 Endonesia | 1 Endonesia | 2025-04-03 | N/A |
| mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2004-0996 | 4 Cscope, Debian, Gentoo and 1 more | 4 Cscope, Debian Linux, Linux and 1 more | 2025-04-03 | N/A |
| main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2004-2218 | 1 Phpmywebhosting | 1 Phpmywebhosting | 2025-04-03 | N/A |
| SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter. | ||||
| CVE-2005-0299 | 1 Gforge | 1 Gforge | 2025-04-03 | N/A |
| Directory traversal vulnerability in GForge 3.3 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the (1) dir parameter to controller.php or (2) dir_name parameter to controlleroo.php. | ||||
| CVE-2005-1003 | 1 Profitcode | 1 Payprocart | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php for ProfitCode PayProCart 3.0 allows remote attackers to include arbitrary PHP files via .. (dot dot) sequences in the modID parameter. | ||||
| CVE-2004-0997 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. | ||||
| CVE-2005-0306 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-03 | N/A |
| MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message. | ||||
| CVE-2004-0999 | 1 Zgv | 1 Zgv Image Viewer | 2025-04-03 | N/A |
| zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF images. | ||||
| CVE-2004-2220 | 1 F-secure | 1 F-secure Anti-virus | 2025-04-03 | N/A |
| F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. | ||||
| CVE-2005-0311 | 1 Ingate | 1 Ingate Firewall | 2025-04-03 | N/A |
| Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources. | ||||
| CVE-2004-1000 | 1 Debian | 1 Lintian | 2025-04-03 | N/A |
| lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack. | ||||
| CVE-2005-1010 | 1 Comersus Open Technologies | 1 Comersus Cart | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Comersus Cart 6 allows remote attackers to inject arbitrary web script or HTML via the account username. | ||||