Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0525 2 Php, Redhat 2 Php, Enterprise Linux 2025-04-03 N/A
The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek.
CVE-2005-0750 5 Conectiva, Linux, Redhat and 2 more 8 Linux, Linux Kernel, Enterprise Linux and 5 more 2025-04-03 N/A
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
CVE-2005-1043 7 Apple, Conectiva, Peachtree and 4 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2025-04-03 N/A
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVE-2005-1978 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2025-04-03 N/A
COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.
CVE-2006-4445 1 Cutephp 1 Cutenews 2025-04-03 N/A
Multiple PHP remote file inclusion vulnerabilities in CuteNews 1.3.x allow remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter to (1) show_news.php or (2) search.php. NOTE: CVE analysis as of 20060829 has not identified any scenarios in which these vectors could result in remote file inclusion
CVE-2005-1980 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2025-04-03 N/A
Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability."
CVE-2005-2117 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Explorer and 1 more 2025-04-03 N/A
Web View in Windows Explorer on Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 does not properly handle certain HTML characters in preview fields, which allows remote user-assisted attackers to execute arbitrary code.
CVE-2005-2558 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-03 N/A
Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
CVE-2005-2573 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-03 N/A
The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
CVE-2005-1815 1 Hummingbird 1 Connectivity 2025-04-03 N/A
Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long argument to FTPD (ftpdw.exe) or (2) a large amount of data to LPD (Lpdw.exe).
CVE-2005-3176 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection.
CVE-2005-3389 2 Php, Redhat 4 Php, Enterprise Linux, Rhel Stronghold and 1 more 2025-04-03 N/A
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected.
CVE-2005-3390 2 Php, Redhat 4 Php, Enterprise Linux, Rhel Stronghold and 1 more 2025-04-03 N/A
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field.
CVE-2005-3392 1 Php 1 Php 2025-04-03 N/A
Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
CVE-2006-0195 2 Redhat, Squirrelmail 2 Enterprise Linux, Squirrelmail 2025-04-03 N/A
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2) a newline in a "url" specifier, which is processed by certain web browsers including Internet Explorer.
CVE-2006-0376 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2025-04-03 N/A
The 802.11 wireless client in certain operating systems including Windows 2000, Windows XP, and Windows Server 2003 does not warn the user when (1) it establishes an association with a station in ad hoc (aka peer-to-peer) mode or (2) a station in ad hoc mode establishes an association with it, which allows remote attackers to put unexpected wireless communication into place.
CVE-2006-0377 2 Redhat, Squirrelmail 2 Enterprise Linux, Squirrelmail 2025-04-03 N/A
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
CVE-2006-0814 1 Lighttpd 1 Lighttpd 2025-04-03 N/A
response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.
CVE-2006-1014 1 Php 1 Php 2025-04-03 N/A
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create arbitrary files by providing extra -C and -X arguments to sendmail. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE.
CVE-2006-1015 1 Php 1 Php 2025-04-03 N/A
Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote attackers to read and create arbitrary files via the sendmail -C and -X arguments. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE.