Total
29855 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0444 | 1 Gtksee | 1 Gtksee | 2026-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths. | |||||
| CVE-2005-3321 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2026-04-16 | 4.6 MEDIUM | N/A |
| chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions. | |||||
| CVE-2002-2081 | 1 Microsoft | 2 Site Server, Site Server Commerce | 2026-04-16 | 5.0 MEDIUM | N/A |
| cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp. | |||||
| CVE-2002-0481 | 1 Microsoft | 1 Outlook | 2026-04-16 | 5.1 MEDIUM | N/A |
| An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function. | |||||
| CVE-2003-0733 | 1 Bea | 3 Liquid Data, Weblogic Integration, Weblogic Server | 2026-04-16 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application. | |||||
| CVE-1999-0389 | 1 Debian | 1 Debian Linux | 2026-04-16 | 7.2 HIGH | N/A |
| Buffer overflow in the bootp server in the Debian Linux netstd package. | |||||
| CVE-1999-1466 | 1 Cisco | 1 Ios | 2026-04-16 | 7.5 HIGH | N/A |
| Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. | |||||
| CVE-2005-0157 | 1 Smartlist | 1 Smartlist | 2026-04-16 | 7.5 HIGH | N/A |
| The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned. | |||||
| CVE-2002-0779 | 1 Novell | 1 Bordermanager | 2026-04-16 | 5.0 MEDIUM | N/A |
| FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data. | |||||
| CVE-2002-2220 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | 6.2 MEDIUM | N/A |
| Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2004-0228 | 1 Linux | 1 Linux Kernel | 2026-04-16 | 7.2 HIGH | N/A |
| Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges. | |||||
| CVE-2002-1632 | 1 Oracle | 1 Application Server | 2026-04-16 | 6.4 MEDIUM | N/A |
| Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2. | |||||
| CVE-2006-1806 | 1 Musicbox | 1 Musicbox | 2026-04-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Musicbox 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the term parameter in a search action. | |||||
| CVE-2003-1288 | 1 Vserver | 1 Linux-vserver | 2026-04-16 | 5.0 MEDIUM | N/A |
| Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service (kernel oops) via unknown attack vectors related to the (1) s_info and (2) ip_info data structures and the (a) forget_original_parent, (b) goodness, (c) schedule, (d) update_process_times, and (e) vc_new_s_context functions. | |||||
| CVE-2000-0427 | 1 Aladdin Knowledge Systems | 1 Etoken | 2026-04-16 | 4.6 MEDIUM | N/A |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | |||||
| CVE-2002-0655 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2026-04-16 | 7.5 HIGH | N/A |
| OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2006-4192 | 1 Modplug | 1 Tracker | 2026-04-16 | 5.1 MEDIUM | N/A |
| Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files. | |||||
| CVE-2005-3897 | 1 Apple | 1 Safari | 2026-04-16 | 7.8 HIGH | N/A |
| Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function. | |||||
| CVE-2002-1605 | 1 Hp | 2 Hp-ux, Tru64 | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession. | |||||
| CVE-2005-1579 | 1 Apple | 1 Quicktime | 2026-04-16 | 5.0 MEDIUM | N/A |
| Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker. | |||||