ReportizFlow
Filtered by vendor
Subscriptions
Total
29889 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2814 | 1 Ishopcart | 1 Ishopcart | 2025-04-03 | N/A |
| Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact via a large amount of posted data. | ||||
| CVE-2002-0988 | 1 Caldera | 2 Openunix, Unixware | 2025-04-03 | N/A |
| Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities. | ||||
| CVE-2005-1978 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code. | ||||
| CVE-2002-1003 | 1 Mywebserver | 1 Mywebserver | 2025-04-03 | N/A |
| Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2002-1006 | 1 Bbc Education | 1 Betsie | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl. | ||||
| CVE-2006-2881 | 1 Dreamcost | 1 Dreamaccount | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the da_path parameter in the (1) auth.cookie.inc.php, (2) auth.header.inc.php, or (3) auth.sessions.inc.php scripts. | ||||
| CVE-2006-2910 | 1 Cowon America | 1 Jetaudio | 2025-04-03 | N/A |
| Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed. | ||||
| CVE-2004-0921 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-04-03 | N/A |
| AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. | ||||
| CVE-2006-2961 | 1 Aclogic | 1 Cesarftp | 2025-04-03 | N/A |
| Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-2985 | 1 Integramod | 1 Integramod | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded "'" characters in the STYLE_URL parameter. | ||||
| CVE-2002-1021 | 1 Working Resources Inc. | 1 Badblue | 2025-04-03 | N/A |
| BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte. | ||||
| CVE-2006-2991 | 1 Ringlink | 1 Ringlink | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 allow remote attackers to inject arbitrary web script or HTML via a JavaScript URI in the SRC attribute of an IMG element, and possibly other manipulations, in the ringid parameter in (1) next.cgi, (2) stats.cgi, or (3) list.cgi. | ||||
| CVE-2002-1044 | 1 Ultrafunk | 1 Popcorn | 2025-04-03 | N/A |
| Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field. | ||||
| CVE-2000-0700 | 1 Cisco | 4 Gigabit Switch Router 12008, Gigabit Switch Router 12012, Gigabit Switch Router 12016 and 1 more | 2025-04-03 | N/A |
| Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets. | ||||
| CVE-2006-3023 | 1 Uapplication | 1 Uphotogallery | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) block parameters. | ||||
| CVE-2000-0003 | 1 Sco | 1 Unixware | 2025-04-03 | N/A |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. | ||||
| CVE-2006-3053 | 1 Phorum | 1 Phorum | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHORUM[http_path] parameter. NOTE: this issue has been disputed by the vendor, who states "common.php is checked on the very first line of non-comment code that it is not being called directly. It has been this way in all 5.x version of Phorum." CVE analysis concurs with the vendor | ||||
| CVE-2004-0924 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2025-04-03 | N/A |
| NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not. | ||||
| CVE-2002-1054 | 1 Pablo Software Solutions | 1 Pablo Ftp Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. | ||||
| CVE-2006-3055 | 1 Vbzoom | 1 Vbzoom | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote attackers to execute arbitrary SQL commands via the (1) QuranID, (2) ShowByQuranID, or (3) Action parameters to meaning.php. | ||||