Total: 29099 CVE

CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-4156 | 1 Mambo | 1 Mambo Open Source 4.5 | 2024-09-17 | N/A |
Unspecified vulnerability in Mambo 4.5 (1.0.0) through 4.5 (1.0.9), with magic_quotes_gpc disabled, allows remote attackers to read arbitrary files and possibly cause a denial of service via a query string that ends with a NULL character. | ||||
CVE-2005-0107 | 1 Debian | 1 Bsmtpd | 2024-09-17 | N/A |
bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to execute arbitrary commands. | ||||
CVE-2005-2511 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window. | ||||
CVE-2002-2079 | 2 Mosix Project, Openmosix Project | 2 Mosix, Openmosix | 2024-09-17 | N/A |
mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attackers to cause a denial of service via malformed packets. | ||||
CVE-2005-3075 | 1 Mpc-donkey | 1 Zengaia | 2024-09-17 | N/A |
SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
CVE-2005-4173 | 1 Efiction Project | 1 Efiction | 2024-09-17 | N/A |
eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information by accessing phpinfo.php, which executes the PHP phpinfo function. | ||||
CVE-2010-3385 | 1 Herac | 1 Tuxguitar | 2024-09-17 | N/A |
TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||||
CVE-2019-1863 | 1 Cisco | 13 Encs 5100, Encs 5400, Integrated Management Controller Supervisor and 10 more | 2024-09-17 | 8.1 High |
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow a user with read-only privileges to change critical system configurations using administrator privileges. | ||||
CVE-2010-5208 | 1 Ksoffice | 1 Office 2010 | 2024-09-17 | N/A |
Multiple untrusted search path vulnerabilities in the (1) Presentation, (2) Writer, and (3) Spreadsheets components in Kingsoft Office 2010 6.6.0.2477 allow local users to gain privileges via a Trojan horse plgpf.dll file in the current working directory, as demonstrated by a directory that contains a .xls, .ppt, .rtf, or .doc file. NOTE: some of these details are obtained from third party information. | ||||
CVE-2001-1569 | 1 Cmg | 1 Openwave Wap Gateway | 2024-09-17 | N/A |
Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack. | ||||
CVE-2006-6600 | 1 Torrentflux | 1 Torrentflux | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a related issue to CVE-2006-5609. | ||||
CVE-2022-26308 | 1 Pandorafms | 1 Pandora Fms | 2024-09-17 | 3.7 Low |
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role. | ||||
CVE-2003-0755 | 1 Gtkftpd | 1 Gtkftp | 2024-09-17 | N/A |
Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command. | ||||
CVE-2005-2944 | 1 Brent Ely | 1 Gnome Workstation Command Center | 2024-09-17 | N/A |
The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file. | ||||
CVE-2009-0276 | 1 Google | 1 Chrome | 2024-09-17 | N/A |
Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame. | ||||
CVE-2006-6654 | 1 Netbsd | 1 Netbsd | 2024-09-17 | N/A |
The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function. | ||||
CVE-2010-5227 | 1 Opera | 1 Opera | 2024-09-17 | N/A |
Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file. NOTE: some of these details are obtained from third party information. | ||||
CVE-2002-2145 | 1 Savant | 1 Savant Webserver | 2024-09-17 | N/A |
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename. | ||||
CVE-2006-5025 | 1 Paisterist | 1 Simple Http Scanner | 2024-09-17 | N/A |
Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack vectors. | ||||
CVE-2020-10277 | 3 Easyrobotics, Mobile-industrial-robots, Uvd-robots | 20 Er-flex, Er-flex Firmware, Er-lite and 17 more | 2024-09-17 | 6.4 Medium |
There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine. |