Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3827 1 Agileco 1 Agilebill 2025-04-03 N/A
SQL injection vulnerability in product_cat in AgileBill 1.4.92 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2002-1020 1 Adobe 1 Adobe Content Server 2025-04-03 N/A
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.
CVE-2005-3212 1 Eset Software 1 Nod32 Antivirus 2025-04-03 N/A
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-1999-0508 2025-04-03 N/A
An account on a router, firewall, or other network device has a default, null, blank, or missing password.
CVE-2005-3228 1 Ikarus 1 Ikarus Antivirus 2025-04-03 N/A
Multiple interpretation error in unspecified versions of Ikarus AntiVirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-3236 1 Cynox 1 Cyphor 2025-04-03 N/A
Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote attackers to execute arbitrary SQL and obtain administrative access via (1) the fid parameter of newmsg.php, which can enable XSS attacks when the SQL syntax is invalid or (2) the nick parameter of lostpwd.php.
CVE-2005-3245 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2025-04-03 N/A
Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption).
CVE-2005-3309 1 Zomplog 1 Zomplog 2025-04-03 N/A
Multiple SQL injection vulnerabilities in Zomplog 3.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in detail.php and the catid parameter in (2) get.php and (3) index.php.
CVE-2001-0846 1 Lotus 1 Domino 2025-04-03 N/A
Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).
CVE-2001-0847 1 Lotus 1 Domino Web Server 2025-04-03 N/A
Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.
CVE-2005-3829 1 Activecampaign 1 Knowledgebuilder 2025-04-03 N/A
index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed.
CVE-2006-0827 1 Xerox 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more 2025-04-03 N/A
Cross-site scripting vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2002-0855 2 Gnu, Redhat 5 Mailman, Enterprise Linux, Linux and 2 more 2025-04-03 N/A
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
CVE-2004-1021 1 Apple 1 Ical 2025-04-03 N/A
iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms.
CVE-2004-0803 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2025-04-03 N/A
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
CVE-2004-0817 9 Conectiva, Enlightenment, Imagemagick and 6 more 16 Linux, Imlib, Imlib2 and 13 more 2025-04-03 N/A
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVE-2004-0827 9 Conectiva, Enlightenment, Imagemagick and 6 more 14 Linux, Imlib, Imlib2 and 11 more 2025-04-03 N/A
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVE-2004-0883 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2025-04-03 N/A
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
CVE-2004-0886 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2025-04-03 N/A
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
CVE-2004-1004 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2025-04-03 N/A
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.