Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0936 1 Frox 1 Frox 2025-04-03 N/A
Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request.
CVE-2001-0937 1 Matt Wright 1 Pgpmail.pl 2025-04-03 N/A
PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) recipient or (2) pgpuserid parameters.
CVE-2004-1225 1 Sugarcrm 1 Sugarcrm 2025-04-03 N/A
SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.
CVE-2001-0946 1 Redhat 1 Linux 2025-04-03 N/A
apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins.
CVE-2004-1228 1 Sugarcrm 1 Sugar Sales 2025-04-03 N/A
The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
CVE-2001-0953 1 Nara Vision 1 Kebi Community 2025-04-03 N/A
Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root.
CVE-2002-2266 1 Netscreen 1 Screenos 2025-04-03 N/A
NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attackers to cause a denial of service (firewall session table consumption) by establishing multiple half-open H.323 sessions, which are not cleaned up on garbage removal and do not time out for 36 hours.
CVE-2006-3481 1 Joomla 1 Joomla 2025-04-03 N/A
Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission".
CVE-2001-0955 1 Xfree86 Project 1 X11r6 2025-04-03 N/A
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title.
CVE-2004-1232 1 Gadu-gadu 1 Gadu-gadu Instant Messenger 2025-04-03 N/A
Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename.
CVE-2005-3942 1 Greywyvern 1 Orca Knowledgebase 2025-04-03 N/A
SQL injection vulnerability in knowledgebase-control.php in Orca Knowledgebase 2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter.
CVE-2006-0852 1 Devscripts 1 Admbook 2025-04-03 N/A
Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php.
CVE-2004-1256 1 Abcmidi 1 Abcmidi 2025-04-03 N/A
Multiple buffer overflows in the (1) event_text and (2) event_specific functions in abc2midi 2004.12.04 allow remote attackers to execute arbitrary code via crafted ABC files.
CVE-2005-3950 1 Nufw 1 Nufw 2025-04-03 N/A
nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users to cause a denial of service via malformed packets.
CVE-2006-3491 1 Christophe Thibault 1 Kaillera 2025-04-03 N/A
Stack-based buffer overflow in Kaillera Server 0.86 and earlier allows remote attackers to execute arbitrary code via a long nickname.
CVE-2006-3492 1 Mico 1 Mico 2025-04-03 N/A
The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO (Mico Is CORBA) 2.3.12 and earlier allows remote attackers to cause a denial of service (application crash) via a message with an incorrect "object key", which triggers an assert error.
CVE-2006-3508 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates.
CVE-2001-0966 1 Nudester.org 1 Nudester 2025-04-03 N/A
Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command.
CVE-2002-1386 1 Ehud Gavron 1 Tracesroute 2025-04-03 N/A
Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.
CVE-2002-1388 1 Mhonarc 1 Mhonarc 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages.