Total
29838 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0436 | 1 Hp | 2 Desms, Hp-ux | 2026-04-16 | 4.6 MEDIUM | N/A |
| Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. | |||||
| CVE-2002-1411 | 1 Duma | 1 Photo Gallery System | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter. | |||||
| CVE-2000-0386 | 1 Filemaker | 1 Filemaker | 2026-04-16 | 7.5 HIGH | N/A |
| FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email. | |||||
| CVE-2005-1136 | 1 Sphpblog | 1 Sphpblog | 2026-04-16 | 5.0 MEDIUM | N/A |
| Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files. | |||||
| CVE-2004-2613 | 1 Vserver | 1 Linux-vserver | 2026-04-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408. | |||||
| CVE-2005-4429 | 1 Cs-cart | 1 Cs-cart | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) sort_by and (2) sort_order parameters to index.php. | |||||
| CVE-1999-0075 | 1 Washington University | 1 Wu-ftpd | 2026-04-16 | 5.0 MEDIUM | N/A |
| PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. | |||||
| CVE-2005-1611 | 1 Web Crossing Inc | 1 Web Crossing | 2026-04-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebX in Web Crossing 5.x allows remote attackers to inject arbitrary web script or HTML via a URL with an "@" followed by the desired script. | |||||
| CVE-2005-0807 | 1 Oxid | 1 Cain And Abel | 2026-04-16 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters. | |||||
| CVE-2000-0787 | 1 Xchat | 1 Xchat | 2026-04-16 | 7.5 HIGH | N/A |
| IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser. | |||||
| CVE-2004-2101 | 1 Geovision | 1 Geohttpserver | 2026-04-16 | 5.0 MEDIUM | N/A |
| The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd parameter, possibly triggering a buffer overflow. | |||||
| CVE-2002-1857 | 1 Jo | 1 Jo Webserver | 2026-04-16 | 5.0 MEDIUM | N/A |
| jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
| CVE-2005-4308 | 1 Scriptscenter | 1 Ezupload Pro | 2026-04-16 | 7.5 HIGH | N/A |
| index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter. | |||||
| CVE-2005-4551 | 1 Simpbook | 1 Simpbook | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in sign.php in codegrrl SimpBook 1.0, when html_enable is on, allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php. | |||||
| CVE-2006-3351 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2026-04-16 | 5.4 MEDIUM | N/A |
| Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. | |||||
| CVE-1999-0082 | 2 Ftp, Ftpcd | 2 Ftp, Ftpcd | 2026-04-16 | 10.0 HIGH | N/A |
| CWD ~root command in ftpd allows root access. | |||||
| CVE-1999-0215 | 1 Sgi | 1 Irix | 2026-04-16 | 6.4 MEDIUM | N/A |
| Routed allows attackers to append data to files. | |||||
| CVE-2006-0948 | 1 Aol | 1 Aol | 2026-04-16 | 7.2 HIGH | N/A |
| AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the "America Online 9.0" directory, which allows local users to gain privileges by replacing critical files. | |||||
| CVE-2004-2221 | 1 Mercantec | 1 Softcart | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request. | |||||
| CVE-2002-1165 | 2 Netbsd, Sendmail | 2 Netbsd, Sendmail | 2026-04-16 | 4.6 MEDIUM | N/A |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | |||||