Total
29855 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2217 | 1 Comscripts | 1 Web Server Creator | 2026-04-16 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal) 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) l parameter to customize.php or the (2) pg parameter to index.php. | |||||
| CVE-2002-0280 | 1 Codeblue | 1 Codeblue | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in CodeBlue 4 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via a long string in an SMTP reply. | |||||
| CVE-2005-0831 | 1 Php-post | 1 Php-post Web Forum | 2026-04-16 | 5.0 MEDIUM | N/A |
| PHP-Post allows remote attackers to spoof the names of other users by registering with a username containing hex-encoded characters. | |||||
| CVE-2000-0339 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | 7.5 HIGH | N/A |
| ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules. | |||||
| CVE-2006-4763 | 1 Ibm | 1 Lotus Domino Web Access | 2026-04-16 | 7.5 HIGH | N/A |
| IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentication token (LtpaToken) upon logout, which allows remote attackers to obtain a user's privileges by intercepting the LtpaToken cookie. | |||||
| CVE-2003-0886 | 1 Hylafax | 1 Hylafax | 2026-04-16 | 10.0 HIGH | N/A |
| Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-1999-1591 | 1 Microsoft | 2 Internet Information Server, Visual Interdev | 2026-04-16 | 7.5 HIGH | N/A |
| Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. | |||||
| CVE-1999-1252 | 1 Sco | 1 Unixware | 2026-04-16 | 7.2 HIGH | N/A |
| Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges. | |||||
| CVE-1999-1563 | 1 Nachuatec | 2 D435, D445 | 2026-04-16 | 5.0 MEDIUM | N/A |
| Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm. | |||||
| CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2026-04-16 | 7.5 HIGH | N/A |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
| CVE-2006-2849 | 1 Andrew Godwin | 1 Bytehoard | 2026-04-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfig[bhfilepath] parameter. | |||||
| CVE-2002-0230 | 1 Faq-o-matic | 1 Faq-o-matic | 2026-04-16 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message. | |||||
| CVE-2005-1042 | 1 Php | 1 Php | 2026-04-16 | 7.5 HIGH | N/A |
| Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count. | |||||
| CVE-2001-0886 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2026-04-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. | |||||
| CVE-2003-0956 | 1 Linux | 1 Linux Kernel | 2026-04-16 | 2.6 LOW | N/A |
| Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow local users to obtain sensitive data that was originally owned by other users, a different vulnerability than CVE-2003-0018. | |||||
| CVE-2000-0718 | 1 Mandrakesoft | 1 Mandrake Linux | 2026-04-16 | 1.2 LOW | N/A |
| A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed. | |||||
| CVE-2002-1295 | 1 Microsoft | 1 Java Virtual Machine | 2026-04-16 | 7.5 HIGH | N/A |
| The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by providing the class name in the code parameter, aka "Incomplete Java Object Instantiation Vulnerability." | |||||
| CVE-2005-4809 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2026-04-16 | 5.0 MEDIUM | N/A |
| Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag. | |||||
| CVE-2006-0600 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-16 | 5.0 MEDIUM | N/A |
| elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request. | |||||
| CVE-2003-1033 | 1 Sap | 1 Sap Db | 2026-04-16 | 7.2 HIGH | N/A |
| The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious dbmsrv or lserver program. | |||||