ReportizFlow
Filtered by vendor
Subscriptions
Total
29887 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0947 | 4 Arj Software Inc., Gentoo, Redhat and 1 more | 4 Unarj, Linux, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. | ||||
| CVE-2005-1667 | 1 Datatrac | 1 Activity Console | 2025-04-03 | N/A |
| DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP GET request. | ||||
| CVE-2005-1671 | 1 Yahoo | 1 Messenger | 2025-04-03 | N/A |
| The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive information from other users. | ||||
| CVE-1999-0362 | 1 Ipswitch | 1 Ws Ftp Server | 2025-04-03 | N/A |
| WS_FTP server remote denial of service through cwd command. | ||||
| CVE-2005-1767 | 3 Novell, Redhat, Suse | 4 Linux Desktop, Open Enterprise Server, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). | ||||
| CVE-2005-1805 | 1 Online Solutions For Educators | 1 Online Solutions For Educators | 2025-04-03 | N/A |
| SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password. | ||||
| CVE-2005-1809 | 1 Sony | 2 P900, P900 Firmware | 2025-04-03 | N/A |
| Sony Ericsson P900 Beamer allows remote attackers to cause a denial of service (panic) via an obexftp session with a long filename in an OBEX File Transfer or OBEX Object Push. | ||||
| CVE-2005-1829 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a denial of service (infinite loop and application crash) via two embedded files that call each other. | ||||
| CVE-2006-0703 | 1 Imagevue | 1 Imagevue | 2025-04-03 | N/A |
| Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter. | ||||
| CVE-2006-0708 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476. | ||||
| CVE-2006-0709 | 2 Metamail Corporation, Redhat | 2 Metamail, Enterprise Linux | 2025-04-03 | N/A |
| Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105. | ||||
| CVE-2005-1833 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.php, (4) pid parameter to editpost.php, (5) fid parameter to forumdisplay.php, (6) tid parameter to newreply.php, (7) sid parameter to search.php, (8) tid or (9) pid parameter to showthread.php, (10) tid parameter to usercp2.php, (11) tid parameter to printthread.php, or (12) pid parameter to reputation.php. | ||||
| CVE-2005-1843 | 1 Adobe | 1 Version Cue | 2025-04-03 | N/A |
| VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument. | ||||
| CVE-2005-1869 | 1 Appindex | 1 Mwchat | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIG[MWCHAT_Libs] parameter. | ||||
| CVE-2005-1874 | 1 Evan Wagner | 1 Dzip | 2025-04-03 | N/A |
| Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive. | ||||
| CVE-2005-1878 | 1 Giptables | 1 Giptables Firewall | 2025-04-03 | N/A |
| GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file. | ||||
| CVE-1999-0402 | 1 Gnu | 1 Wget | 2025-04-03 | N/A |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | ||||
| CVE-2005-1910 | 1 Wwweb Concepts | 1 Events System | 2025-04-03 | N/A |
| SQL injection vulnerability in login.asp for WWWeb Concepts Events System 1.0 allows remote attackers to execute arbitrary SQL commands via the password. | ||||
| CVE-1999-0407 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. | ||||
| CVE-2006-0776 | 1 Teca Scripts | 1 Guestex | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | ||||