Total
29854 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1629 | 1 Openvpn | 2 Openvpn, Openvpn Access Server | 2026-04-16 | 9.0 HIGH | N/A |
| OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable. | |||||
| CVE-2006-1803 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter. | |||||
| CVE-2004-0404 | 1 Psionic | 1 Logcheck | 2026-04-16 | 1.2 LOW | N/A |
| logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp. | |||||
| CVE-2003-1075 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. | |||||
| CVE-2003-0966 | 1 Elm Development Group | 1 Elm | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line. | |||||
| CVE-2006-2206 | 1 Ultravnc | 1 Ultravnc | 2026-04-16 | 10.0 HIGH | N/A |
| The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for challenge/response, which allows remote attackers to gain privileges by sniffing and decrypting passwords. | |||||
| CVE-2006-4102 | 1 Falko Timme And Till Brehm | 1 Sqlitewebadmin | 2026-04-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme and Till Brehm SQLiteWebAdmin 0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the conf[classpath] parameter. | |||||
| CVE-2000-0318 | 1 Atrium Software | 1 Mercur Mailserver | 2026-04-16 | 7.5 HIGH | N/A |
| Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack. | |||||
| CVE-2004-1194 | 1 Lucasarts | 1 Star Wars Battlefront | 2026-04-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname. | |||||
| CVE-2005-0963 | 1 Toshiba | 1 Acpi Flash Bios | 2026-04-16 | 2.1 LOW | N/A |
| An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges. | |||||
| CVE-2002-1671 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. | |||||
| CVE-2006-3346 | 1 Carlos Sanchez Valle | 1 Mynewsgroups | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tree.php in MyNewsGroups 0.6 allows remote attackers to execute arbitrary SQL commands via the grp_id parameter. | |||||
| CVE-2006-3289 | 1 Cisco | 1 Wireless Control System | 2026-04-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL". | |||||
| CVE-2006-1200 | 1 Daverave | 1 Link Bank | 2026-04-16 | 7.5 HIGH | N/A |
| Direct static code injection vulnerability in add_link.txt in daverave Link Bank allows remote attackers to execute arbitrary PHP code via the url_name parameter, which is not sanitized before being stored in links.txt, which is later used in an include statement. | |||||
| CVE-2001-1441 | 1 Ibm | 1 Visualage For Java | 2026-04-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message. | |||||
| CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2026-04-16 | 4.3 MEDIUM | N/A |
| ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||||
| CVE-2001-1409 | 1 Xfree86 Project | 1 Xfree86 X Server | 2026-04-16 | 3.6 LOW | N/A |
| dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system. | |||||
| CVE-2001-0345 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions. | |||||
| CVE-1999-1318 | 1 Sun | 1 Sunos | 2026-04-16 | 7.2 HIGH | N/A |
| /usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs. | |||||
| CVE-2000-0719 | 1 Varicad | 1 Varicad | 2026-04-16 | 6.2 MEDIUM | N/A |
| VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program. | |||||