Total
345786 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1998 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | 5.0 MEDIUM | N/A |
| The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message. | |||||
| CVE-2001-0522 | 1 Gnu | 1 Privacy Guard | 2026-04-16 | 7.5 HIGH | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | |||||
| CVE-2003-0159 | 1 Ethereal Group | 1 Ethereal | 2026-04-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2003-1141 | 1 Network Instruments | 1 Niprint Lpd-lpr Print Server | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515. | |||||
| CVE-2002-1473 | 1 Hp | 1 Hp-ux | 2026-04-16 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2006-0321 | 1 Fetchmail | 1 Fetchmail | 2026-04-16 | 5.0 MEDIUM | N/A |
| fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service (crash) via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster. | |||||
| CVE-2000-0788 | 1 Microsoft | 2 Access, Word | 2026-04-16 | 10.0 HIGH | N/A |
| The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands. | |||||
| CVE-2005-0690 | 1 Gene6 | 1 G6 Ftp Server | 2026-04-16 | 2.1 LOW | N/A |
| Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command. | |||||
| CVE-2006-0753 | 1 Microsoft | 1 Ie | 2026-04-16 | 2.6 LOW | N/A |
| Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to cause a denial of service (memory consumption) via JavaScript that uses setInterval to repeatedly call a function to set the value of window.status. | |||||
| CVE-2006-0503 | 1 Mailenable | 1 Mailenable Professional | 2026-04-16 | 5.0 MEDIUM | N/A |
| IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denial of service (service crash) via unspecified vectors involving the EXAMINE command. | |||||
| CVE-2006-2141 | 1 Collaborative Portal Server Project | 1 Collaborative Portal Server | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in popup_image in Collaborative Portal Server (CPS) 3.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the pos argument. | |||||
| CVE-2006-1909 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences. | |||||
| CVE-2004-1359 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. | |||||
| CVE-2003-0837 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command. | |||||
| CVE-2003-1090 | 1 Celestial Software | 1 Absolutetelnet | 2026-04-16 | 10.0 HIGH | N/A |
| Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title. | |||||
| CVE-2005-3329 | 1 Rsa | 1 Authentication Agent For Web | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation. | |||||
| CVE-2005-3274 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-04-16 | 1.2 LOW | 4.7 MEDIUM |
| Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. | |||||
| CVE-2000-1039 | 1 Microsoft | 5 Windows 95, Windows 98, Windows 98se and 2 more | 2026-04-16 | 5.0 MEDIUM | N/A |
| Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE. | |||||
| CVE-2003-0495 | 1 Ledscripts.com | 1 Lednews | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote attackers to insert arbitrary web script via a news item. | |||||
| CVE-2005-3759 | 1 Horde | 1 Horde | 2026-04-16 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments. | |||||