Total
29099 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | ||||
CVE-2005-2140 | 1 Fsboard | 1 Fsboard | 2024-09-17 | N/A |
Directory traversal vulnerability in default.asp for FSboard 2.0 allows remote attackers to read arbitrary files via ".." sequences in the filename parameter. | ||||
CVE-2022-25302 | 1 Opc Ua Stack Project | 1 Opc Ua Stack | 2024-09-17 | 7.5 High |
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing handler for failed casting when unvalidated data is forwarded to boost::get function in OpcUaNodeIdBase.h. Exploiting this vulnerability is possible when sending a specifically crafted OPC UA message with a special encoded NodeId. | ||||
CVE-2000-1223 | 1 I-soft | 1 Quikstore | 2024-09-17 | N/A |
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request. | ||||
CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2024-09-17 | N/A |
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | ||||
CVE-2010-5257 | 1 Graphisoft | 1 Archicad | 2024-09-17 | N/A |
Multiple untrusted search path vulnerabilities in ArchiCAD 13 and 14 allow local users to gain privileges via a Trojan horse (1) srcsrv.dll or (2) GSAutoTester.DLL file in the current working directory, as demonstrated by a directory that contains a .2df file. NOTE: some of these details are obtained from third party information. | ||||
CVE-2005-4775 | 1 Michael Scholz | 1 Contineo | 2024-09-17 | N/A |
Michael Scholz and Sebastian Stein Contineo 2.0, when the admin account lacks an e-mail address attribute, displays the password hash in a warning upon page reload, which might allow remote attackers to view the hash. | ||||
CVE-2005-1706 | 1 Mailscanner | 1 Mailscanner | 2024-09-17 | N/A |
Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus detection. | ||||
CVE-2012-2846 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2024-09-17 | N/A |
Google Chrome before 21.0.1180.57 on Linux does not properly isolate renderer processes, which allows remote attackers to cause a denial of service (cross-process interference) via unspecified vectors. | ||||
CVE-2003-0537 | 1 Daiki Ueno | 1 Liece Emacs Irc Client | 2024-09-17 | N/A |
The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users. | ||||
CVE-2003-0671 | 1 Jeremy Elson | 1 Tcpflow | 2024-09-17 | N/A |
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated by the setuid program RunTCPFlow in Sustworks IPNetSentryX and IPNetMonitorX. | ||||
CVE-2006-3417 | 1 Tor | 1 Tor | 2024-09-17 | N/A |
Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could allow remote attackers to be preferred over nodes that are identified as more trustworthy "entry guard" (is_guard) systems by directory authorities. | ||||
CVE-2003-0954 | 1 Ibm | 1 Aix | 2024-09-17 | N/A |
Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. | ||||
CVE-2006-6536 | 1 Cilem | 1 Cilem Haber | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in hata.asp in Cilem Haber Free Edition allows remote attackers to inject arbitrary web script or HTML via the hata parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2001-1516 | 1 Hans Wolters | 1 Phpreview | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews. | ||||
CVE-2005-1856 | 1 Sukria | 1 Backup Manager | 2024-09-17 | N/A |
The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack. | ||||
CVE-2005-1632 | 1 Tavis Rudd | 1 Cheetah | 2024-09-17 | N/A |
Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/. | ||||
CVE-2005-2308 | 1 Microsoft | 1 Ie | 2024-09-17 | N/A |
The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg. | ||||
CVE-2005-3173 | 1 Microsoft | 1 Windows 2000 | 2024-09-17 | N/A |
Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply group policies if the user logs on using UPN credentials with a trailing dot, which prevents Windows 2000 from finding the correct domain controller and could allow the user to bypass intended restrictions. | ||||
CVE-2007-3841 | 1 Pidgin | 1 Pidgin | 2024-09-17 | N/A |
Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. |