Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0121 1 Clearswift 1 Mailsweeper 2025-04-03 N/A
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
CVE-2004-0494 2 Avaya, Redhat 4 Cvlan, Enterprise Linux, Enterprise Linux Desktop and 1 more 2025-04-03 N/A
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.
CVE-2002-1094 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2025-04-03 N/A
Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.
CVE-2006-4716 1 Fire Soft Board 1 Fire Soft Board 2025-04-03 N/A
PHP remote file inclusion vulnerability in demarrage.php in Fire Soft Board (FSB) RC3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter.
CVE-2006-4723 1 Raidenhttpd 1 Raidenhttpd 2025-04-03 N/A
PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/check.php in RaidenHTTPD 1.1.49, when register_globals and WebAdmin is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SoftParserFileXml parameter.
CVE-2006-4724 1 Adobe 1 Coldfusion 2025-04-03 N/A
Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors involving a crafted command.
CVE-2006-4725 1 Adobe 1 Coldfusion 2025-04-03 N/A
Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security restrictions and call components (CFC) within a sandbox from CFML templates that are located outside of the sandbox.
CVE-2006-4726 1 Adobe 1 Coldfusion 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page.
CVE-2006-4733 1 Sips 1 Sips 2025-04-03 N/A
PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) 0.3.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the config[sipssys] parameter. NOTE: the product's documentation recommends placing the affected file outside of the web root, so the scope of issue is limited to admins who do not, or cannot, follow this recommendation.
CVE-2005-1760 1 Redhat 4 Enterprise Linux, Enterprise Linux Desktop, Linux Advanced Workstation and 1 more 2025-04-03 N/A
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.
CVE-2005-1679 1 Timo Rossi 1 Picasm 2025-04-03 N/A
Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message.
CVE-1999-1418 1 Mirabilis 1 Icq Web Front 2025-04-03 N/A
ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found").
CVE-2006-1939 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2025-04-03 N/A
Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6) RPC, (7) DCERPC, and (8) ASN.1 dissectors.
CVE-2005-1665 1 Microsoft 1 Asp.net 2025-04-03 N/A
The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup.
CVE-2006-1349 1 Musicbox 1 Musicbox 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Musicbox 2.3 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) id and (2) type and (3) show parameters in a top action in (a) index.php; and the (4) message1 parameter in (b) cart.php.
CVE-2004-2527 1 Microsoft 2 Windows 2003 Server, Windows Xp 2025-04-03 N/A
The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running.
CVE-2000-0046 1 Mirabilis 1 Icq 2025-04-03 N/A
Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message.
CVE-2006-2795 1 Xiti 1 Xiti Tracking Script 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking Script 6 and 7 RC allow remote attackers to inject arbitrary web script or HTML via (1) the xtref parameter in xiti.js and (2) an HTTP Referer header field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2005-1397 1 Php-calendar 1 Php-calendar 2025-04-03 N/A
SQL injection vulnerability in search.php for PHP-Calendar before 0.10.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2004-2588 1 Xmb Software 1 Xmb Forum 2025-04-03 N/A
Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application.