Total
345194 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4493 | 1 Speartek | 1 Speartek | 2026-04-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | |||||
| CVE-2004-1426 | 1 Korweblog | 1 Korweblog | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter. | |||||
| CVE-2003-0554 | 1 Neomodus | 1 Direct Connect | 2026-04-16 | 5.0 MEDIUM | N/A |
| NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports. | |||||
| CVE-2003-0502 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | 10.0 HIGH | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421. | |||||
| CVE-2003-0573 | 1 Sgi | 1 Irix | 2026-04-16 | 5.0 MEDIUM | N/A |
| The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. | |||||
| CVE-2003-0969 | 1 Mpg321 | 1 Mpg321 | 2026-04-16 | 7.5 HIGH | N/A |
| mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability. | |||||
| CVE-2004-0886 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2026-04-16 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | |||||
| CVE-2000-0695 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2026-04-16 | 7.2 HIGH | N/A |
| Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options. | |||||
| CVE-2000-0549 | 2 Cygnus, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2026-04-16 | 5.0 MEDIUM | N/A |
| Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request. | |||||
| CVE-2006-2823 | 1 A.shopkart | 1 A.shopkart | 2026-04-16 | 5.0 MEDIUM | N/A |
| Katrien De Graeve a.shopKart 2.0 (aka ashopKart20) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) admin/scart.mdb and possibly (2) admin/scart97.mdb. | |||||
| CVE-2005-1227 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the chatroom text submission form. | |||||
| CVE-2003-0365 | 1 Icq Inc | 1 Icqlite | 2026-04-16 | 4.6 MEDIUM | N/A |
| ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs. | |||||
| CVE-2006-1020 | 1 Johnny Vegas | 1 Vegas Forum | 2026-04-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forumlib.php in Johnny_Vegas Vegas Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter. | |||||
| CVE-2005-2079 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code. | |||||
| CVE-2004-0103 | 1 Linley Henzell | 1 Crawl | 2026-04-16 | 4.6 MEDIUM | N/A |
| crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow. | |||||
| CVE-2002-2302 | 1 3d3.com | 1 Shopfactory | 2026-04-16 | 6.4 MEDIUM | N/A |
| 3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field. | |||||
| CVE-2006-2390 | 1 Ozjournals | 1 Ozjournals | 2026-04-16 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in OZJournals 1.2 allows remote attackers to inject arbitrary web script or HTML via the vname parameter in the comments functionality. | |||||
| CVE-2006-4651 | 1 Threesquared.net | 1 Php Download Script | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via .. (dot dot) sequence in the file parameter. | |||||
| CVE-2003-0504 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module. | |||||
| CVE-2001-0444 | 1 Cisco | 1 Cbos | 2026-04-16 | 2.1 LOW | N/A |
| Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | |||||