Total
345002 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2256 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. sequences in the lang (language) variable. | |||||
| CVE-2004-1437 | 1 Pavuk | 1 Pavuk | 2026-04-16 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code. | |||||
| CVE-2001-1057 | 1 Wolfram Research | 1 Mathematica | 2026-04-16 | 5.0 MEDIUM | N/A |
| The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests. | |||||
| CVE-2006-2007 | 1 Winny | 1 Winny | 2026-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port. | |||||
| CVE-2005-3942 | 1 Greywyvern | 1 Orca Knowledgebase | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in knowledgebase-control.php in Orca Knowledgebase 2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter. | |||||
| CVE-2006-1015 | 1 Php | 1 Php | 2026-04-16 | 6.4 MEDIUM | N/A |
| Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote attackers to read and create arbitrary files via the sendmail -C and -X arguments. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE. | |||||
| CVE-2006-4198 | 1 Wheatblog | 1 Wheatblog | 2026-04-16 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/session.php in Wheatblog (wB) 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the wb_class_dir parameter. | |||||
| CVE-2005-2080 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | 7.5 HIGH | N/A |
| Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server. | |||||
| CVE-2006-3751 | 1 Htmlarea3 | 1 Htmlarea3 | 2026-04-16 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in popups/ImageManager/config.inc.php in the HTMLArea3 Addon Component (com_htmlarea3_xtd-c) for ImageManager 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2006-1314 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages. | |||||
| CVE-2001-0171 | 1 Whitsoft | 1 Slimserve | 2026-04-16 | 10.0 HIGH | N/A |
| Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request. | |||||
| CVE-2002-0088 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | 7.2 HIGH | N/A |
| Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. | |||||
| CVE-2006-3387 | 1 Fusionphp | 1 Fusion News | 2026-04-16 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the fil_config parameter, which can be used to execute PHP code that has been injected into a log file. | |||||
| CVE-2002-1046 | 1 Watchguard | 2 Firebox, Soho Firewall | 2026-04-16 | 5.0 MEDIUM | N/A |
| Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110. | |||||
| CVE-2004-0977 | 4 Mandrakesoft, Postgresql, Redhat and 1 more | 6 Mandrake Linux, Mandrake Linux Corporate Server, Postgresql and 3 more | 2026-04-16 | 2.1 LOW | N/A |
| The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-1999-0817 | 1 University Of Kansas | 1 Lynx | 2026-04-16 | 10.0 HIGH | N/A |
| Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet. | |||||
| CVE-2001-0974 | 1 Oracle | 1 Internet Directory | 2026-04-16 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2004-0063 | 1 Ncipher | 1 Payshield Spp Library | 2026-04-16 | 7.5 HIGH | N/A |
| The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by accepting an invalid PIN number. | |||||
| CVE-2005-4432 | 1 Playsms | 1 Playsms | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PlaySMS 0.8 allows remote attackers to inject arbitrary web script or HTML via the err parameter. | |||||
| CVE-2003-1300 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2026-04-16 | 5.0 MEDIUM | N/A |
| Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | |||||