Total
29945 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1239 | 1 Ibm | 1 Tivoli Management Framework | 2026-04-16 | N/A |
| The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files. | ||||
| CVE-2005-1585 | 1 Open Solution | 1 Quick.forum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) iCategory or (2) page parameter to index.php, or (3) iCategory parameter in the query string to the forum directory. | ||||
| CVE-1999-1232 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program. | ||||
| CVE-2001-0100 | 1 Brian Stanback | 1 Bslist.cgi | 2026-04-16 | N/A |
| bslist.cgi mailing list script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. | ||||
| CVE-2000-1240 | 1 Anyportal Php | 1 Anyportal Php | 2026-04-16 | N/A |
| Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2005-1590 | 1 Altiris | 2 Client Service, Deployment Solution | 2026-04-16 | N/A |
| The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070. | ||||
| CVE-2005-1593 | 1 Codethat | 1 Shoppingcart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2006-3704 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the Oracle ODBC Driver for Oracle Database 10.1.0.4 has unknown impact and attack vectors, aka Oracle Vuln# 10.1.0.4. | ||||
| CVE-1999-1240 | 1 Gracenote | 1 Cddbd | 2026-04-16 | N/A |
| Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message. | ||||
| CVE-2001-0108 | 3 Mandrakesoft, Php, Redhat | 3 Mandrake Linux, Php, Linux | 2026-04-16 | N/A |
| PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested. | ||||
| CVE-2006-3708 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, 10.1.2.0.2, and 10.1.2.1 has unknown impact and attack vectors, aka Oracle Vuln# AS03. | ||||
| CVE-1999-1241 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object. | ||||
| CVE-2001-0109 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. | ||||
| CVE-2002-0421 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr. | ||||
| CVE-1999-1246 | 1 Microsoft | 1 Site Server | 2026-04-16 | N/A |
| Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges. | ||||
| CVE-2001-0111 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2026-04-16 | N/A |
| Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. | ||||
| CVE-2002-0427 | 1 Christof Pohl | 1 Improved Mod Frontpage | 2026-04-16 | N/A |
| Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges. | ||||
| CVE-2005-1678 | 1 Groove | 2 Groove Workspace, Virtual Office | 2026-04-16 | N/A |
| Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code. | ||||
| CVE-2006-3710 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# (1) AS05 and (2) AS08. | ||||
| CVE-2001-0112 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2026-04-16 | N/A |
| Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands. | ||||