Total
345002 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0650 | 1 Cisco | 1 Ios | 2026-04-16 | 5.0 MEDIUM | N/A |
| Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | |||||
| CVE-2005-0435 | 1 Awstats | 1 Awstats | 2026-04-16 | 5.0 MEDIUM | N/A |
| awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog. | |||||
| CVE-2005-2700 | 3 Apache, Canonical, Debian | 3 Http Server, Ubuntu Linux, Debian Linux | 2026-04-16 | 10.0 HIGH | N/A |
| ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions. | |||||
| CVE-2005-2936 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-16 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, and RealPlayer 8 before 20060322 might allow local users to gain privileges via a malicious C:\program.exe file. | |||||
| CVE-1999-1139 | 1 Hp | 1 Hp-ux | 2026-04-16 | 7.2 HIGH | N/A |
| Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. | |||||
| CVE-2003-0875 | 1 Openslp | 1 Openslp | 2026-04-16 | 2.1 LOW | N/A |
| Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitrary files via the route.check temporary file. | |||||
| CVE-2003-0261 | 1 Fuzz | 1 Fuzz | 2026-04-16 | 4.6 MEDIUM | N/A |
| fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges. | |||||
| CVE-2005-2938 | 1 Apple | 1 Itunes | 2026-04-16 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file. | |||||
| CVE-1999-1373 | 1 Fore | 1 Powerhub Software | 2026-04-16 | 5.0 MEDIUM | N/A |
| FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service (hang) via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. via nmap. | |||||
| CVE-2002-1552 | 1 Novell | 1 Edirectory | 2026-04-16 | 7.5 HIGH | N/A |
| Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. | |||||
| CVE-2005-4595 | 1 Gentoo | 2 Nview, Xnview | 2026-04-16 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory. | |||||
| CVE-2005-3509 | 1 Jportal | 1 Jportal Web Portal | 2026-04-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php, (3) comment.php, and (4) news.php. | |||||
| CVE-2002-0922 | 1 Cgiscript.net | 1 Csnews | 2026-04-16 | 5.0 MEDIUM | N/A |
| CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb. | |||||
| CVE-2006-4440 | 1 Ay System Solutions | 1 Ay System Solutions Cms | 2026-04-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in main.php in Ay System Solutions CMS 2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter. | |||||
| CVE-2004-0500 | 3 Gentoo, Mandrakesoft, Rob Flynn | 3 Linux, Mandrake Linux, Gaim | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. | |||||
| CVE-2004-1477 | 1 Macromedia | 1 Jrun | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session. | |||||
| CVE-2005-2606 | 1 Phlymail | 1 Phlymail | 2026-04-16 | 7.5 HIGH | N/A |
| Unknown vulnerability in the "frontend authentication" in PHlyMail 3.02.00 has unknown impact and attack vectors. | |||||
| CVE-2000-0448 | 1 Network Associates | 1 Webshield | 2026-04-16 | 5.0 MEDIUM | N/A |
| The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command. | |||||
| CVE-2005-1162 | 1 Oneworldstore | 1 Oneworldstore | 2026-04-16 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp. | |||||
| CVE-2005-0671 | 1 Ca3de | 1 Ca3de | 2026-04-16 | 7.5 HIGH | N/A |
| Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command. | |||||