Total
29855 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2061 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | 5.0 MEDIUM | N/A |
| Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte. | |||||
| CVE-2006-3861 | 1 Ibm | 1 Informix Dynamic Server | 2026-04-16 | 4.0 MEDIUM | N/A |
| IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases. | |||||
| CVE-2005-1823 | 1 Qualiteam | 1 X-cart | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php. | |||||
| CVE-2000-0239 | 1 Atrium Software | 3 Mercur Imap4 Server, Mercur Mailserver, Mercur Pop3 Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request. | |||||
| CVE-2001-0783 | 1 Cisco | 1 Tftp Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command. | |||||
| CVE-2005-0472 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2026-04-16 | 5.0 MEDIUM | N/A |
| Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | |||||
| CVE-2002-0228 | 1 Microsoft | 1 Msn Messenger | 2026-04-16 | 5.0 MEDIUM | N/A |
| Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites). | |||||
| CVE-2001-1419 | 2 Aol, Cerulean Studios | 2 Instant Messenger, Trillian | 2026-04-16 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments. | |||||
| CVE-2004-2540 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | 5.0 MEDIUM | N/A |
| readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data. | |||||
| CVE-2000-0481 | 1 Kde | 1 K-mail | 2026-04-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name. | |||||
| CVE-2002-2051 | 1 Modlogan | 1 Modlogan | 2026-04-16 | 2.1 LOW | N/A |
| The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file. | |||||
| CVE-2006-1761 | 1 Blursoft | 1 Blur6ex | 2026-04-16 | 2.6 LOW | N/A |
| Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter, which is not sanitized in the error message. NOTE: the vector in the shard parameter is not XSS and has been assigned a separate name. | |||||
| CVE-2000-0410 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. | |||||
| CVE-1999-0462 | 1 Suse | 1 Suse Linux | 2026-04-16 | 7.2 HIGH | N/A |
| suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. | |||||
| CVE-2000-0292 | 1 Adtran | 1 Mx2800 | 2026-04-16 | 5.0 MEDIUM | N/A |
| The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. | |||||
| CVE-2005-3306 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the user parameter in a profile operation, a different vulnerability than CVE-2005-2814. NOTE: it is possible that this XSS is a resultant vulnerability of CVE-2005-3307. | |||||
| CVE-2006-4002 | 1 Drupal | 1 Drupal | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 before 4.6.9, and 4.7 before 4.7.3, allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: portions of these details are obtained from third party information. | |||||
| CVE-2001-0306 | 1 Itafrica | 1 Webactive | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1.00 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2005-4741 | 1 Netbsd | 1 Netbsd | 2026-04-16 | 7.5 HIGH | N/A |
| NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials. | |||||
| CVE-2001-0258 | 1 I-data International | 1 Easycom Safecom Print Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server allows remote attackers to cause a denial of service via a large number of connections that send null characters. | |||||