Total
29849 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2050 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2026-04-16 | 4.6 MEDIUM | N/A |
| eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow local users to gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the "maertsJ" password, which is hard-coded into lshell. | |||||
| CVE-2002-0022 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated. | |||||
| CVE-2005-1561 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in post.asp in MaxWebPortal 1.3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mod, (2) M, or (3) type parameter. | |||||
| CVE-1999-0061 | 4 Bsdi, Freebsd, Linux and 1 more | 4 Bsd Os, Freebsd, Linux Kernel and 1 more | 2026-04-16 | 5.1 MEDIUM | N/A |
| File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). | |||||
| CVE-2005-2308 | 1 Microsoft | 1 Ie | 2026-04-16 | 7.5 HIGH | N/A |
| The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg. | |||||
| CVE-2004-2619 | 1 Paul L Daniels | 1 Ripmime | 2026-04-16 | 7.5 HIGH | N/A |
| ripMIME 1.3.2.3 and earlier allows remote attackers to bypass e-mail protection via a base64 MIME encoded attachment containing invalid characters that are not properly extracted. | |||||
| CVE-2004-1871 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ppuser, (2) password, (3) stype, (4) perpage, (5) sort, (6) page, (7) si, or (8) cat parameters to showmembers.php, or the (9) photo name, (10) photo description, (11) album name, or (12) album description fields. | |||||
| CVE-2006-2631 | 1 Phpfox | 1 Phpfox | 2026-04-16 | 4.0 MEDIUM | N/A |
| phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the phpfox_user parameter. | |||||
| CVE-1999-0697 | 1 Sco | 1 Openserver | 2026-04-16 | 7.2 HIGH | N/A |
| SCO Doctor allows local users to gain root privileges through a Tools option. | |||||
| CVE-2003-1082 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | 7.2 HIGH | N/A |
| Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068. | |||||
| CVE-2006-1640 | 1 Czaries Network | 1 Czarnews | 2026-04-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in news.php in CzarNews 1.14 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | |||||
| CVE-2004-0097 | 1 Openh323 Project | 1 Pwlib | 2026-04-16 | 10.0 HIGH | N/A |
| Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | |||||
| CVE-2006-0991 | 1 Veritas | 1 Netbackup | 2026-04-16 | 7.1 HIGH | N/A |
| Buffer overflow in the NetBackup Sharepoint Services server daemon (bpspsserver) on NetBackup 6.0 for Windows allows remote attackers to execute arbitrary code via crafted "Request Service" packets to the vnetd service (TCP port 13724). | |||||
| CVE-2002-1078 | 1 Aprelium Technologies | 1 Abyss Web Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters. | |||||
| CVE-1999-0339 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | 7.2 HIGH | N/A |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. | |||||
| CVE-2002-1225 | 1 Kth | 1 Heimdal | 2026-04-16 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access. | |||||
| CVE-2005-0219 | 1 Gallery Project | 1 Gallery | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the index field in add_comment.php, (2) set_albumName, (3) slide_index, (4) slide_full, (5) slide_loop, (6) slide_pause, (7) slide_dir fields in slideshow_low.php, or (8) username field in search.php. | |||||
| CVE-2001-1564 | 1 Hp | 1 Hp-ux | 2026-04-16 | 2.1 LOW | N/A |
| setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space. | |||||
| CVE-2006-0515 | 1 Cisco | 4 Adaptive Security Appliance Software, Firewall Services Module, Pix Firewall and 1 more | 2026-04-16 | 7.5 HIGH | N/A |
| Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. | |||||
| CVE-2005-3828 | 1 Activecampaign | 1 Knowledgebuilder | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter. | |||||