Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0941 1 Sap 1 Sap Db 2025-04-03 N/A
web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa.
CVE-2005-3331 1 Rogers Software Source 1 Mgdiff Patch Viewer 2025-04-03 N/A
viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2006-1332 1 Phpoutsourcing 1 Noahs Classifieds 2025-04-03 N/A
Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message.
CVE-2003-0945 1 Sap 1 Sap Db 2025-04-03 N/A
The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.
CVE-2005-3332 1 Belchior Foundry 1 Vcard 2025-04-03 N/A
PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows remote attackers to execute arbitrary PHP code via the match parameter.
CVE-2006-1333 1 Betaparticle 1 Betaparticle Blog 2025-04-03 N/A
Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp or (2) fldGalleryID parameter to template_gallery_detail.asp.
CVE-2001-0442 1 David Harris 1 Mercury Nlm 2025-04-03 N/A
Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command.
CVE-2005-3334 1 Flyspray 1 Flyspray 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in index.php in Flyspray 0.9.7 through 0.9.8 (devel) allows remote attackers to inject arbitrary web script or HTML via the (1) PHPSESSID, (2) task, (3) string, (4) type, (5) serv, (6) due, (7) dev, and (8) sort2 parameters.
CVE-2001-0444 1 Cisco 1 Cbos 2025-04-03 N/A
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.
CVE-2003-0956 1 Linux 1 Linux Kernel 2025-04-03 N/A
Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow local users to obtain sensitive data that was originally owned by other users, a different vulnerability than CVE-2003-0018.
CVE-2005-3335 1 Mantis 1 Mantis 2025-04-03 N/A
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
CVE-2003-0959 1 Linux 1 Linux Kernel 2025-04-03 N/A
Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before 2.4.21 allows attackers to cause a denial of service or gain root privileges via unspecified vectors that trigger copy_from_user function calls with improper length arguments.
CVE-2001-0453 1 Brs 1 Webweaver 2025-04-03 N/A
Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.
CVE-2003-0960 1 Openca 1 Openca 2025-04-03 N/A
OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.
CVE-2005-3337 1 Mantis 1 Mantis 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0.19.3 allow remote attackers to inject arbitrary web script or HTML via (1) unknown vectors involving Javascript and (2) mantis/view_all_set.php.
CVE-2003-0966 2 Elm Development Group, Redhat 2 Elm, Enterprise Linux 2025-04-03 N/A
Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line.
CVE-2005-3338 1 Mantis 1 Mantis 2025-04-03 N/A
Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users.
CVE-2001-0455 1 Cisco 1 Aironet 340 2025-04-03 N/A
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration.
CVE-2003-0970 1 Sun 1 Sun Fire 2025-04-03 N/A
The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled.
CVE-2003-0972 1 Gnu 1 Screen 2025-04-03 N/A
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.