Total
316 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1491 | 1 Kerio | 1 Personal Firewall | 2025-04-03 | N/A |
| Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. | ||||
| CVE-2004-0605 | 2 Ircd-hybrid, Ircd-ratbox | 2 Ircd-hybrid, Ircd-ratbox | 2025-04-03 | N/A |
| Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued. | ||||
| CVE-2004-2687 | 2 Apple, Samba | 2 Xcode, Samba | 2025-04-03 | N/A |
| distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. | ||||
| CVE-2004-2692 | 1 Kyberdigi Labs | 1 Php-exec-dir | 2025-04-03 | N/A |
| The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd function. | ||||
| CVE-2004-2760 | 1 Openbsd | 1 Openssh | 2025-04-03 | N/A |
| sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it easier for remote attackers to guess the password by observing the connection state, a different vulnerability than CVE-2003-0190. NOTE: it could be argued that in most environments, this does not cross privilege boundaries without requiring leverage of a separate vulnerability. | ||||
| CVE-2005-0197 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. | ||||
| CVE-2005-4837 | 3 Net-snmp, Redhat, Sourceforge | 3 Net-snmp, Enterprise Linux, Net-snmp | 2025-04-03 | N/A |
| snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177. | ||||
| CVE-2006-2363 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | N/A |
| SQL injection vulnerability in the weblinks option (weblinks.html.php) in Limbo CMS allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2006-3291 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system. | ||||
| CVE-2006-3677 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2025-04-03 | N/A |
| Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution. | ||||
| CVE-2006-0848 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. | ||||
| CVE-1999-0725 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". | ||||
| CVE-2024-42031 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-19 | 7.5 High |
| Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-54099 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-10 | 6.7 Medium |
| File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | ||||
| CVE-2023-33105 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Ar9380 and 295 more | 2025-01-10 | 7.5 High |
| Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. | ||||
| CVE-2018-11922 | 1 Qualcomm | 44 215, 215 Firmware, Mdm9206 and 41 more | 2025-01-09 | 7.5 High |
| Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. | ||||
| CVE-2024-32991 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-11 | 7.5 High |
| Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-46909 | 1 Progress | 1 Whatsup Gold | 2024-12-10 | 9.8 Critical |
| In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. | ||||
| CVE-2023-52719 | 1 Huawei | 2 Emui, Harmonyos | 2024-12-09 | 7.1 High |
| Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2018-0275 | 1 Cisco | 1 Identity Services Engine | 2024-11-29 | N/A |
| A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking the device into unlocking the support user account and accessing the tunnel password and device serial number. A successful exploit could allow the attacker to run any system command with root access. This affects Cisco Identity Services Engine (ISE) software versions prior to 2.2.0.470. Cisco Bug IDs: CSCvf54409. | ||||