Total
345192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0464 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp. | |||||
| CVE-2006-3796 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | 7.5 HIGH | N/A |
| DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote authenticated users to login as the "space" user, post as the guest user, and block the ability of an administrator to ban the "space" user. | |||||
| CVE-1999-0602 | 2026-04-16 | 10.0 HIGH | N/A | ||
| A network intrusion detection system (IDS) does not properly reassemble fragmented packets. | |||||
| CVE-2002-1201 | 1 Ibm | 1 Aix | 2026-04-16 | 5.0 MEDIUM | N/A |
| IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers. | |||||
| CVE-2006-2233 | 1 Banktown | 1 Btcxctl20com Activex Control | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) 1.4.2.51817, and possibly 1.5.2.50209, allows remote attackers to execute arbitrary code via a long string in the first argument to SetBannerUrl. NOTE: portions of these details are obtained from third party information. | |||||
| CVE-2006-3156 | 1 Thinkfactory | 1 Ultimate Eshop | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.cgi in Ultimate eShop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the subid parameter. | |||||
| CVE-2006-3585 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 SR1 allow remote attackers to inject arbitrary web script or HTML via the (1) login parameter in admin/cms/index.php, (2) unspecified parameters in the "Supply news" page in formmail.php, (3) the URL in the "Site statistics" page, and the (5) query_string parameter when performing a search. | |||||
| CVE-2004-0971 | 1 Mit | 1 Kerberos 5 | 2026-04-16 | 2.1 LOW | N/A |
| The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-2006-3595 | 1 Cisco | 1 Router Web Setup | 2026-04-16 | 7.5 HIGH | N/A |
| The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190. | |||||
| CVE-2002-2230 | 1 Ikonboard | 1 Ikonboard | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328. | |||||
| CVE-2006-3620 | 1 Dream4 | 1 Koobi Pro | 2026-04-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to inject arbitrary web script or HTML via the toid parameter. | |||||
| CVE-2004-0826 | 4 Hp, Mozilla, Netscape and 1 more | 10 Hp-ux, Network Security Services, Certificate Server and 7 more | 2026-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | |||||
| CVE-2006-1737 | 1 Mozilla | 4 Firefox, Mozilla Suite, Seamonkey and 1 more | 2026-04-16 | 9.3 HIGH | N/A |
| Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression. | |||||
| CVE-2004-2028 | 1 E107 | 1 E107 | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php. | |||||
| CVE-1999-0011 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2026-04-16 | 10.0 HIGH | 5.4 MEDIUM |
| Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | |||||
| CVE-2000-1233 | 1 Phorum | 1 Phorum | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter. | |||||
| CVE-2005-2929 | 1 University Of Kansas | 1 Lynx | 2026-04-16 | 7.5 HIGH | N/A |
| Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments. | |||||
| CVE-2003-0894 | 1 Oracle | 1 Oracle9i | 2026-04-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x before 9.2.0.4 allows local users to execute arbitrary code via a long command line argument. | |||||
| CVE-2004-1085 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | 2.1 LOW | N/A |
| Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode. | |||||
| CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2026-04-16 | 7.2 HIGH | N/A |
| expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | |||||