ReportizFlow
Filtered by vendor
Subscriptions
Total
29885 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1168 | 1 Iss | 1 Internet Security Scanner | 2025-04-03 | N/A |
| install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2006-3334 | 1 Greg Roelofs | 1 Libpng | 2025-04-03 | N/A |
| Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". | ||||
| CVE-2006-3349 | 1 Sms Script | 1 Sms Script | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in SmS Script allow remote attackers to execute arbitrary SQL commands via the CatID parameter in (1) cat.php and (2) add.php. | ||||
| CVE-2006-2154 | 1 Emc | 1 Retrospect | 2025-04-03 | N/A |
| EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog. | ||||
| CVE-1999-1215 | 1 Novell | 1 Netware | 2025-04-03 | N/A |
| LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges. | ||||
| CVE-2005-3318 | 1 Jed Wing | 1 Chm Lib | 2025-04-03 | N/A |
| Buffer overflow in the _chm_decompress_block function in CHM lib (chmlib) before 0.37, as used in products such as KchmViewer, allows attackers to execute arbitrary code, a different vulnerability than CVE-2005-2930. | ||||
| CVE-2001-0106 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server. | ||||
| CVE-2006-3374 | 1 Randshop | 1 Randshop | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in index.php in Randshop 1.2 and earlier, including 0.9.3, allows remote attackers to execute arbitrary PHP code via a URL in the incl parameter. | ||||
| CVE-1999-1233 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. | ||||
| CVE-1999-1239 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so. | ||||
| CVE-2006-3379 | 1 Hiki Wiki | 1 Hiki Wiki | 2025-04-03 | N/A |
| Algorithmic complexity vulnerability in Hiki Wiki 0.6.0 through 0.6.5 and 0.8.0 through 0.8.5 allows remote attackers to cause a denial of service (CPU consumption) by performing a diff between large, crafted pages that trigger the worst case. | ||||
| CVE-2006-2250 | 1 Cutephp | 1 Cutenews | 2025-04-03 | N/A |
| CuteNews 1.4.1 allows remote attackers to obtain sensitive information via a direct request to (1) /inc/show.inc.php or (2) /inc/functions.inc.php, which reveal the path in an error message. | ||||
| CVE-1999-1306 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | ||||
| CVE-2006-3415 | 1 Tor | 1 Tor | 2025-04-03 | N/A |
| Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man-in-the-middle (MITM) attack via unspecified vectors. | ||||
| CVE-2005-3428 | 1 Rockliffe | 1 Mailsite Express | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to inject arbitrary web script or HTML via a message body. | ||||
| CVE-2006-3420 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | N/A |
| Cross-site request forgery (CSRF) vulnerability in editpost.php in MyBulletinBoard (MyBB) before 1.1.5 allows remote attackers to perform unauthorized actions as a logged in user and delete arbitrary forum posts via a bbcode IMG tag with a modified delete parameter in a deletepost action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2391 | 1 Emc | 1 Retrospect Client | 2025-04-03 | N/A |
| Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. | ||||
| CVE-2006-2413 | 1 Gnunet | 1 Gnunet | 2025-04-03 | N/A |
| GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an empty UDP datagram, possibly involving FIONREAD errors. | ||||
| CVE-1999-1447 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | ||||
| CVE-1999-1475 | 1 Proftpd Project | 1 Proftpd | 2025-04-03 | N/A |
| ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command. | ||||