Total
29854 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3045 | 1 Teake Nutma | 1 Foing | 2026-04-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in manage_songs.php in Foing 0.7.0e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter. | |||||
| CVE-2006-0127 | 1 Rockliffe | 1 Mailsite | 2026-04-16 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote authenticated users to rename the folders of other users via a .. (dot dot) in the RENAME command. | |||||
| CVE-2006-1830 | 1 Sun | 1 Java Studio Enterprise | 2026-04-16 | 3.7 LOW | N/A |
| Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable permissions, which allows local users to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2004-0110 | 2 Sgi, Xmlsoft | 3 Propack, Libxml, Libxml2 | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. | |||||
| CVE-2002-0658 | 1 Ossp | 1 Mm | 2026-04-16 | 6.2 MEDIUM | N/A |
| OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack. | |||||
| CVE-2006-2921 | 1 Cmpro Team | 1 Clan Manager Pro | 2026-04-16 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in cmpro_header.inc.php in Clan Manager Pro (CMPRO) 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) cm_ext_server and (2) sitepath parameters. | |||||
| CVE-2004-2170 | 1 Niti Telecom | 1 Caravan Business Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter. | |||||
| CVE-2006-2895 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remote attackers to inject arbitrary HTML and web script via the edit form. | |||||
| CVE-2004-0117 | 1 Microsoft | 6 Netmeeting, Windows 2000, Windows 2003 Server and 3 more | 2026-04-16 | 7.5 HIGH | N/A |
| Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-0306 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | 5.0 MEDIUM | N/A |
| MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message. | |||||
| CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in INN inews program. | |||||
| CVE-2004-2615 | 1 Cutephp | 1 Cutenews | 2026-04-16 | 4.6 MEDIUM | N/A |
| The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact. | |||||
| CVE-2006-2073 | 1 Isc | 1 Bind | 2026-04-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. | |||||
| CVE-2000-0403 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 5.0 MEDIUM | N/A |
| The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability. | |||||
| CVE-2004-1957 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlpfile parameter to openwindow.php. | |||||
| CVE-1999-0071 | 1 Apache | 1 Http Server | 2026-04-16 | 7.5 HIGH | N/A |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | |||||
| CVE-2003-0973 | 1 Apache | 1 Mod Python | 2026-04-16 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string. | |||||
| CVE-2006-4316 | 1 Ssh | 1 Tectia Manager | 2026-04-16 | 7.2 HIGH | N/A |
| SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges. | |||||
| CVE-2002-1569 | 2 Ghostview, Gv | 2 Ghostview, Gv | 2026-04-16 | 7.5 HIGH | N/A |
| gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file. | |||||
| CVE-2003-1014 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2026-04-16 | 7.5 HIGH | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients. | |||||