Total
29855 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4330 | 1 Wireshark | 1 Wireshark | 2026-04-16 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors. | |||||
| CVE-2004-0785 | 1 Rob Flynn | 1 Gaim | 2026-04-16 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder. | |||||
| CVE-1999-0928 | 1 Smartdesk | 1 Websuite | 2026-04-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-1999-0784 | 1 Oracle | 1 Database Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP. | |||||
| CVE-1999-0608 | 1 Pdgsoft | 1 Pdg Shopping Cart | 2026-04-16 | 5.0 MEDIUM | N/A |
| An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information. | |||||
| CVE-2004-2377 | 1 Alcatel | 2 Omniswitch, Omniswitch 7800 | 2026-04-16 | 5.0 MEDIUM | N/A |
| Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled. | |||||
| CVE-2003-1139 | 1 Musicqueue | 1 Musicqueue | 2026-04-16 | 5.0 MEDIUM | N/A |
| Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file. | |||||
| CVE-2006-1077 | 1 Evo-dev | 1 Evoblog | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter and (2) other unspecified parameters. | |||||
| CVE-2002-0857 | 1 Oracle | 2 Database Server, Oracle8i | 2026-04-16 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file. | |||||
| CVE-2004-1885 | 1 Progress | 1 Ws Ftp Server | 2026-04-16 | 7.2 HIGH | N/A |
| Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe. | |||||
| CVE-2005-1909 | 1 Software602 | 1 602lan Suite | 2026-04-16 | 4.3 MEDIUM | N/A |
| The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability. | |||||
| CVE-2006-2067 | 1 Mkportal | 1 Mkportal | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and earlier, allows remote attackers to execute arbitrary SQL commands via the userid parameter. | |||||
| CVE-1999-1400 | 1 The Economist | 1 The Economist 1999 Screen Saver | 2026-04-16 | 2.1 LOW | N/A |
| The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked. | |||||
| CVE-2002-2126 | 1 Pedestal Software | 1 Integrity Protection Driver | 2026-04-16 | 2.1 LOW | N/A |
| restrictEnabled in Integrity Protection Driver (IPD) 1.2 delays driver installation for 20 minutes, which allows local users to insert malicious code by setting system clock to an earlier time. | |||||
| CVE-2005-2589 | 1 Linksys | 1 Wrt54gs | 2026-04-16 | 7.5 HIGH | N/A |
| Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. | |||||
| CVE-2004-1172 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname. | |||||
| CVE-2005-4063 | 1 Netauctionhelp | 1 Netauctionhelp | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NetAuctionHelp 3.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) L, (2) sort, (3) category, (4) categoryname parameters to search.asp. | |||||
| CVE-2002-1567 | 1 Apache | 1 Tomcat | 2026-04-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script. | |||||
| CVE-2005-2430 | 1 Gforge | 1 Gforge | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id or (2) group_id parameter to forum.php, (3) project_task_id parameter to task.php, (4) id parameter to detail.php, (5) the text field on the search page, (6) group_id parameter to qrs.php, (7) form, (8) rows, (9) cols or (10) wrap parameter to notepad.php, or the login field on the login form. | |||||
| CVE-2006-1772 | 1 Debian | 1 Debian Linux | 2026-04-16 | 7.2 HIGH | N/A |
| debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password. | |||||