Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-1019 1 Ukiweb 1 Ukiboard 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in fce.php in UKiBoard 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a BBCode url tag when using the show_post function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information, some of which reference a source URL that appears to be for an unrelated issue.
CVE-2001-1557 1 Ibm 1 Aix 2025-04-03 N/A
Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.
CVE-2006-1021 1 Pehepe 2 Membership Management System, Uyelik Sistemi 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to inject arbitrary web script or HTML via the kuladi parameter ($kul_adi variable).
CVE-2006-1025 1 Addsoft 1 Storebot 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-1026 1 Jfacets 1 Jfacets 2025-04-03 N/A
JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID.
CVE-2006-1028 1 Joomla 1 Joomla 2025-04-03 N/A
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php.
CVE-2005-0071 1 Vdr 1 Vdr 2025-04-03 N/A
vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files.
CVE-2002-1029 1 Worldspan 1 Res Manager 2025-04-03 N/A
Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990.
CVE-2005-0072 1 Ejoy And Hu Yong 1 Zhcon 2025-04-03 N/A
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files.
CVE-2001-1563 2 Apache, Hp 2 Tomcat, Secure Os 2025-04-03 N/A
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
CVE-2005-0078 3 Debian, Kde, Redhat 5 Debian Linux, Kde, Enterprise Linux and 2 more 2025-04-03 N/A
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
CVE-2001-1565 1 Apple 1 Mac Os X 2025-04-03 N/A
Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command.
CVE-2002-1039 1 Michael Dean 1 Double Choco Latte 2025-04-03 N/A
Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when downloading files from the Projects: Attachments feature.
CVE-2005-0082 1 Mysql 1 Maxdb 2025-04-03 N/A
The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
CVE-2005-0176 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
CVE-2005-4506 1 Nexus Concepts 1 Dev Hound 2025-04-03 N/A
Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges.
CVE-2005-0185 1 Mnet Soft Factory 1 Nodemanager Professional 2025-04-03 N/A
Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field.
CVE-2005-4508 1 Nexus Concepts 1 Dev Hound 2025-04-03 N/A
Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file.
CVE-2005-0192 1 Realnetworks 2 Realone Player, Realplayer 2025-04-03 N/A
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.
CVE-2005-0193 1 Isync 1 Mrouter 2025-04-03 N/A
Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code.