Total
344998 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2214 | 1 Mbedthis | 1 Appweb Http Server | 2026-04-16 | 7.5 HIGH | 9.8 CRITICAL |
| Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters. | |||||
| CVE-1999-0768 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. | |||||
| CVE-2005-1719 | 1 Alwil | 1 Avast Antivirus | 2026-04-16 | 7.5 HIGH | N/A |
| Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earlier, when running on Windows NT 4.0, does not properly detect certain viruses. | |||||
| CVE-2006-0806 | 1 John Lim | 1 Adodb | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspecified vectors related to PHP_SELF. | |||||
| CVE-2004-2589 | 1 Rob Flynn | 1 Gaim | 2026-04-16 | 5.0 MEDIUM | N/A |
| Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory. | |||||
| CVE-2006-1330 | 1 Phpwebsite | 1 Phpwebsite | 2026-04-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier allow remote attackers to execute arbitrary SQL commands via the sid parameter to (1) friend.php or (2) article.php. | |||||
| CVE-2005-3767 | 1 Exponent | 1 Exponent | 2026-04-16 | 5.0 MEDIUM | N/A |
| Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote attackers to upload and execute PHP files. | |||||
| CVE-2000-0917 | 3 Caldera, Redhat, Trustix | 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more | 2026-04-16 | 10.0 HIGH | N/A |
| Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0681 | 1 Qpc Software | 2 Qvt Net, Qvt Term | 2026-04-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. | |||||
| CVE-1999-1462 | 1 Bb4 | 1 Big Brother | 2026-04-16 | 5.0 MEDIUM | N/A |
| Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files. | |||||
| CVE-2001-1141 | 2 Openssl, Ssleay | 2 Openssl, Ssleay | 2026-04-16 | 5.0 MEDIUM | N/A |
| The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers. | |||||
| CVE-2006-1000 | 1 G2soft | 1 Pentacle In-out Board | 2026-04-16 | 10.0 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp. | |||||
| CVE-2002-0005 | 1 Aol | 1 Instant Messenger | 2026-04-16 | 10.0 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via a long argument in a game request (AddGame). | |||||
| CVE-2001-0096 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | 5.0 MEDIUM | N/A |
| FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability. | |||||
| CVE-2006-1933 | 1 Ethereal Group | 1 Ethereal | 2026-04-16 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (large or infinite loops) viarafted packets to the (1) UMA and (2) BER dissectors. | |||||
| CVE-2005-0752 | 1 Mozilla | 1 Firefox | 2026-04-16 | 7.5 HIGH | N/A |
| The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag. | |||||
| CVE-2006-3854 | 1 Ibm | 1 Informix Dynamic Database Server | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, 9.40.TC8, 10.00.TC4, and 10.00.TC5, when running on Windows, allows remote attackers to execute arbitrary code via a long username, which causes an overflow in vsprintf when displaying in the resulting error message. NOTE: this issue is due to an incomplete fix for CVE-2006-3853. | |||||
| CVE-2005-3592 | 1 Cutephp | 1 Cutenews | 2026-04-16 | 5.0 MEDIUM | N/A |
| index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot slash) in the archive parameter. | |||||
| CVE-2004-0488 | 3 Apache, Debian, Redhat | 4 Http Server, Debian Linux, Enterprise Linux Server and 1 more | 2026-04-16 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||||
| CVE-2006-1959 | 1 Actualscripts | 1 Actualanalyzer | 2026-04-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf parameter. | |||||