Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2763 1 Openttd 1 Openttd 2025-04-03 N/A
Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2005-2761 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message.
CVE-1999-0388 1 Datalynx 1 Suguard 2025-04-03 N/A
DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root.
CVE-1999-0405 4 Debian, Freebsd, Redhat and 1 more 4 Debian Linux, Freebsd, Linux and 1 more 2025-04-03 N/A
A buffer overflow in lsof allows local users to obtain root privilege.
CVE-2006-1590 2 Kevin Johnson, Roman Danyliw 2 Basic Analysis And Security Engine, Analysis Console For Intrusion Databases \(acid\) 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in the PrintFreshPage function in (1) Basic Analysis and Security Engine (BASE) 1.2.4 and (2) Analysis Console for Intrusion Databases (ACID) 0.9.6b23 allows remote attackers to inject arbitrary web script or HTML via the (a) back parameter to base_graph_main.php, (b) netmask parameter to base_stat_ipaddr.php, or (c) submit parameter to base_qry_alert.php within BASE, or (d) query string to acid_main.php in ACID, which causes the request URI ($_SERVER['REQUEST_URI']) to be inserted into a refresh operation.
CVE-2005-2757 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs."
CVE-2001-0040 1 Apc 1 Apcupsd 2025-04-03 N/A
APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file.
CVE-2006-0128 1 Rockliffe 1 Mailsite 2025-04-03 N/A
Buffer overflow in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote attackers to have an unknown impact via unknown attack vectors.
CVE-2002-0949 1 Telindus 1 Adsl Router 2025-04-03 N/A
Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext.
CVE-2005-2756 1 Apple 1 Quicktime 2025-04-03 N/A
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.
CVE-2005-3743 1 Simplepoll 1 Simplepoll 2025-04-03 N/A
SQL injection vulnerability in results.php in SimplePoll allows remote attackers to execute arbitrary SQL commands via the pollid parameter.
CVE-1999-1499 1 Isc 1 Bind 2025-04-03 N/A
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.
CVE-2005-3707 1 Apple 1 Quicktime 2025-04-03 N/A
Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.
CVE-2005-3702 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be downloaded to locations outside the download directory via a long file name.
CVE-2005-3998 1 Solupress 1 Solupress News 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in search.asp in Solupress News 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2005-3329 1 Rsa 1 Authentication Agent For Web 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation.
CVE-2005-3696 1 Arki-db 1 Arki-db 2025-04-03 N/A
SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php.
CVE-2005-3695 1 Litespeed Technologies 1 Litespeed Web Server 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the m parameter.
CVE-2006-0761 1 Rim 1 Blackberry Enterprise Server 2025-04-03 N/A
Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device.
CVE-2006-0762 1 Winability 1 Folder Guard 2025-04-03 N/A
WinAbility Folder Guard 4.11 allows local users to gain unauthorized access to certain capabilities of the application by renaming or moving the password file (FGuard.FGP), which disables the password requirement.