Total
29760 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1113 | 1 Gerrit Van Aaken | 1 Loudblog | 2025-04-03 | N/A |
| SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2003-0524 | 1 Knoppix | 1 Knoppix | 2025-04-03 | N/A |
| Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary files via a symlink attack on the qt_plugins_3.0rc temporary file in the .qt directory. | ||||
| CVE-2006-1114 | 1 Gerrit Van Aaken | 1 Loudblog | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php. | ||||
| CVE-2003-0560 | 1 Virtual Programming | 1 Vp-asp | 2025-04-03 | N/A |
| SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter. | ||||
| CVE-2003-0575 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list. | ||||
| CVE-2006-1118 | 1 Bmail | 1 Bmail | 2025-04-03 | N/A |
| SQL injection vulnerability in bmail before Aardvark PR9.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving GBK character sets. | ||||
| CVE-2003-0580 | 1 Ibm | 1 U2 Universe | 2025-04-03 | N/A |
| Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument. | ||||
| CVE-2006-3935 | 1 Alkacon | 1 Opencms | 2025-04-03 | N/A |
| system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before 6.2.2 does not restrict access to administrator functions, which allows remote authenticated users to (1) send broadcast messages to all users (/workplace/broadcast), (2) list all users (/accounts/users), (3) add webusers (/accounts/webusers/new), (4) upload database import and export files (/database/importhttp), (5) upload arbitrary program modules (/modules/modules_import), and (6) read the log file (/workplace/logfileview) by setting the appropriate value for the path parameter in a direct request to admin-main.jsp. | ||||
| CVE-2003-0592 | 2 Kde, Redhat | 4 Konqueror, Konqueror Embedded, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2003-0623 | 1 Bea | 2 Tuxedo, Weblogic Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument. | ||||
| CVE-2003-0632 | 1 Oracle | 2 Applications, E-business Suite | 2025-04-03 | N/A |
| Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2003-0730 | 3 Netbsd, Redhat, Xfree86 Project | 4 Netbsd, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | ||||
| CVE-2003-0737 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | N/A |
| The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library. | ||||
| CVE-2006-1129 | 1 Ekinboard | 1 Ekinboard | 2025-04-03 | N/A |
| SQL injection vulnerability in config.php in EKINboard 1.0.3 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username cookie. | ||||
| CVE-2003-0764 | 1 Squished Mosquito | 1 Escapade | 2025-04-03 | N/A |
| Escapade Scripting Engine (ESP) allows remote attackers to obtain sensitive path information via a malformed request, which leaks the information in an error message, as demonstrated using the PAGE parameter. | ||||
| CVE-2003-0835 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname. | ||||
| CVE-2003-0852 | 2 Sylpheed, Sylpheed-claws | 2 Sylpheed, Sylpheed-claws | 2025-04-03 | N/A |
| Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message. | ||||
| CVE-2003-0864 | 1 Ircnet | 1 Ircnet Ircd | 2025-04-03 | N/A |
| Buffer overflow in m_join in channel.c for IRCnet IRCD 2.10.x to 2.10.3p3 allows remote attackers to cause a denial of service. | ||||
| CVE-2003-0901 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code. | ||||
| CVE-2003-0934 | 1 Symbol Technologies | 1 Pdt | 2025-04-03 | N/A |
| Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network. | ||||