Total
344998 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1843 | 1 Perlbot | 1 Perlbot | 2026-04-16 | 7.5 HIGH | N/A |
| Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm. | |||||
| CVE-2006-3208 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | 6.5 MEDIUM | N/A |
| Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote authenticated administrators to execute arbitrary PHP code via multiple unspecified "configuration fields" in (1) admin_chatconfig.php, (2) admin_configcss.php, (3) admin_config.php, or (4) admin_config2.php, which are stored as configuration settings. NOTE: this issue can be exploited by remote attackers by leveraging other vulnerabilities in UPB. | |||||
| CVE-2005-3251 | 1 Gallery Project | 1 Gallery | 2026-04-16 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via ".." sequences in the g2_itemId parameter. | |||||
| CVE-1999-1290 | 1 Chris Matthee | 1 Nftp | 2026-04-16 | 5.1 MEDIUM | N/A |
| Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string. | |||||
| CVE-2002-0123 | 1 Mdg Computer Services | 1 Web Server 4d Ecommerce | 2026-04-16 | 7.5 HIGH | N/A |
| MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, and possibly 3.5.3, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request. | |||||
| CVE-1999-0234 | 5 Caldera, Redhat, Sgi and 2 more | 5 Openlinux, Linux, Irix and 2 more | 2026-04-16 | 4.6 MEDIUM | N/A |
| Bash treats any character with a value of 255 as a command separator. | |||||
| CVE-2005-0742 | 1 Sun | 1 Java System Application Server | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2006-3276 | 1 Realnetworks | 1 Helix Dna Server | 2026-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes". | |||||
| CVE-2005-3383 | 1 Techno Dreams | 1 Announcement Script | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp. | |||||
| CVE-2004-1330 | 1 Ibm | 1 Aix | 2026-04-16 | 7.2 HIGH | N/A |
| Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | |||||
| CVE-2005-3279 | 1 Jan Kybic | 1 Bitmap Viewer | 2026-04-16 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when compiled with the M_UNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option. | |||||
| CVE-1999-0168 | 1 Sun | 1 Sunos | 2026-04-16 | 7.5 HIGH | N/A |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | |||||
| CVE-2006-3769 | 1 Top Xl | 1 Top Xl | 2026-04-16 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php. | |||||
| CVE-1999-1581 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 5.0 MEDIUM | N/A |
| Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded. | |||||
| CVE-2003-0438 | 1 Yuuichi Teranishi | 1 Eldav | 2026-04-16 | 1.2 LOW | N/A |
| eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2004-2242 | 1 Phorum | 1 Phorum | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter. | |||||
| CVE-2001-0650 | 1 Cisco | 1 Ios | 2026-04-16 | 5.0 MEDIUM | N/A |
| Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | |||||
| CVE-2005-0435 | 1 Awstats | 1 Awstats | 2026-04-16 | 5.0 MEDIUM | N/A |
| awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog. | |||||
| CVE-2005-2700 | 3 Apache, Canonical, Debian | 3 Http Server, Ubuntu Linux, Debian Linux | 2026-04-16 | 10.0 HIGH | N/A |
| ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions. | |||||
| CVE-2005-2936 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-16 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file. | |||||