ReportizFlow
Filtered by vendor
Subscriptions
Total
29889 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0393 | 1 Privacyware | 1 Privatefirewall | 2025-04-03 | N/A |
| Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans. | ||||
| CVE-1999-0683 | 1 Network Associates | 1 Gauntlet Firewall | 2025-04-03 | N/A |
| Denial of service in Gauntlet Firewall via a malformed ICMP packet. | ||||
| CVE-1999-0678 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2025-04-03 | N/A |
| A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. | ||||
| CVE-2006-2088 | 1 Devsyn | 1 Open Bulletin Board | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open Bulletin Board (OpenBB) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via (1) the FID parameter in board.php and (2) the TID parameter in read.php. NOTE: the SQL injection issues are already covered by CVE-2005-1612 (read.php) and CVE-2005-2566 (board.php). | ||||
| CVE-2005-0195 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet. | ||||
| CVE-1999-0712 | 1 Caldera | 2 Coas, Openlinux | 2025-04-03 | N/A |
| A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable. | ||||
| CVE-2003-0405 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2025-04-03 | N/A |
| Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command. | ||||
| CVE-2003-0412 | 1 Sun | 1 One Application Server | 2025-04-03 | N/A |
| Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities. | ||||
| CVE-2003-0414 | 1 Sun | 1 One Application Server | 2025-04-03 | N/A |
| The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile. | ||||
| CVE-2006-2091 | 1 Vwar | 1 Virtual War | 2025-04-03 | N/A |
| admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows remote attackers to obtain sensitive information via an invalid vwar_root parameter, which reveals the path in an error message. | ||||
| CVE-2000-1073 | 1 Netscape | 1 Iplanet Ical | 2025-04-03 | N/A |
| csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory. | ||||
| CVE-2003-0417 | 1 Super-m | 1 Son Hserver | 2025-04-03 | N/A |
| Directory traversal vulnerability in Son hServer 0.2 allows remote attackers to read arbitrary files via ".|." (modified dot-dot) sequences. | ||||
| CVE-2003-0418 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses. | ||||
| CVE-1999-0727 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted. | ||||
| CVE-2006-2101 | 1 Winiso Computing | 1 Winiso | 2025-04-03 | N/A |
| Directory traversal vulnerability in WinISO 5.3 allows remote attackers to write arbitrary files via a .. (dot dot) in a filename in an ISO image. | ||||
| CVE-2003-0426 | 1 Apple | 1 Darwin Streaming Server | 2025-04-03 | N/A |
| The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator. | ||||
| CVE-2005-1109 | 1 Junkbuster | 1 Internet Junkbuster | 2025-04-03 | N/A |
| The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via heap corruption. | ||||
| CVE-2004-0216 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | N/A |
| Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | ||||
| CVE-2005-1509 | 1 Pwsphp | 1 Pwsphp | 2025-04-03 | N/A |
| SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-1512 | 1 Pwsphp | 1 Pwsphp | 2025-04-03 | N/A |
| The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote attackers to upload and possibly execute arbitrary files. | ||||