Total
29855 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2450 | 1 Libvncserver | 1 Libvncserver | 2026-04-16 | 7.5 HIGH | N/A |
| auth.c in LibVNCServer 0.7.1 allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, a different issue than CVE-2006-2369. | |||||
| CVE-2005-2866 | 1 Mercora | 1 Imradio | 2026-04-16 | 4.6 MEDIUM | N/A |
| Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in the MercoraClient\Profiles registry key, which allows local users to gain privileges. | |||||
| CVE-1999-0260 | 1 Renaud Deraison | 1 Jj | 2026-04-16 | 7.5 HIGH | N/A |
| The jj CGI program allows command execution via shell metacharacters. | |||||
| CVE-1999-1215 | 1 Novell | 1 Netware | 2026-04-16 | 4.6 MEDIUM | N/A |
| LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges. | |||||
| CVE-2005-2562 | 1 Gravity Board X Development Team | 1 Gravity Board X | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the login field. | |||||
| CVE-2005-4404 | 1 Media2 Cms | 1 Media2 Cms Shop | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in Media2 CMS Shop 18.x allows remote attackers to execute arbitrary SQL commands via the item parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources. | |||||
| CVE-2001-1507 | 1 Openbsd | 1 Openssh | 2026-04-16 | 7.5 HIGH | N/A |
| OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged. | |||||
| CVE-2006-3095 | 1 Ipostmx | 1 Ipostmx 2005 | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the RETURNURL parameter in (1) userlogin.cfm and (2) account.cfm. | |||||
| CVE-2005-0533 | 1 Trend Micro | 15 Client-server-messaging Suite Smb, Client-server Suite Smb, Control Manager and 12 more | 2026-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. | |||||
| CVE-2004-2230 | 1 Openbsd | 1 Openbsd | 2026-04-16 | 2.1 LOW | N/A |
| Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. | |||||
| CVE-2005-1616 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | 7.5 HIGH | N/A |
| viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid (1) id or possibly (2) postorder parameter, which reveals the path in an error message when a file can not be opened. | |||||
| CVE-2005-3132 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the path in an error message. | |||||
| CVE-2001-0280 | 1 Atrium Software | 1 Mercur | 2026-04-16 | 10.0 HIGH | N/A |
| Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command. | |||||
| CVE-2006-1028 | 1 Joomla | 1 Joomla | 2026-04-16 | 7.8 HIGH | N/A |
| feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php. | |||||
| CVE-2001-0365 | 1 Qualcomm | 1 Eudora | 2026-04-16 | 7.5 HIGH | N/A |
| Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags. | |||||
| CVE-2004-1963 | 1 Freshmeat | 1 Network Query Tool | 2026-04-16 | 5.0 MEDIUM | N/A |
| nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to obtain sensitive information via a string in the portNum parameter, which reveals the full path in an error message. | |||||
| CVE-2006-0620 | 1 Qnx | 1 Rtos | 2026-04-16 | 6.2 MEDIUM | N/A |
| Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables. | |||||
| CVE-2005-1099 | 1 Salim Gasmi | 1 Gld | 2026-04-16 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code. | |||||
| CVE-2000-0204 | 1 Trend Micro | 1 Officescan | 2026-04-16 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%. | |||||
| CVE-2006-3808 | 1 Mozilla | 2 Firefox, Seamonkey | 2026-04-16 | 7.5 HIGH | N/A |
| Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object. | |||||