Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1310 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet. | ||||
| CVE-2004-1350 | 1 Sun | 1 Java System Web Proxy Server | 2026-04-16 | N/A |
| Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests. | ||||
| CVE-2005-2421 | 1 Beehive Forum | 1 Beehive Forum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in index.php and other pages in Beehive Forum allow remote attackers to execute arbitrary SQL commands via the webtag parameter. | ||||
| CVE-1999-0735 | 1 Kde | 1 K-mail | 2026-04-16 | N/A |
| KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. | ||||
| CVE-2001-1208 | 1 Daydream | 1 Daydream Bbs | 2026-04-16 | N/A |
| Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code. | ||||
| CVE-2002-0315 | 3 Fasttrack, Grokster, Music City Networks | 3 Kazaa, Grokster, Morpheus | 2026-04-16 | N/A |
| fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header. | ||||
| CVE-2006-3795 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php. | ||||
| CVE-1999-0743 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Trn allows local users to overwrite other users' files via symlinks. | ||||
| CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2002-0316 | 1 Xmb Software | 1 Xmb Forum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag. | ||||
| CVE-2004-1362 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2026-04-16 | N/A |
| The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters. | ||||
| CVE-2005-1282 | 1 Argosoft | 1 Argosoft Mail Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the src parameter in an IMG tag, (2) User settings, or (3) Address book input boxes in the webmail interface. | ||||
| CVE-2005-2104 | 1 Redhat | 2 Enterprise Linux, Sysreport | 2026-04-16 | N/A |
| sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory. | ||||
| CVE-2006-0059 | 1 Livedata | 1 Iccp Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in the ISO Transport Service over TCP (RFC 1006) implementation of LiveData ICCP Server before 5.00.035 allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets. | ||||
| CVE-1999-0746 | 2 Slackware, Suse | 2 Slackware Linux, Suse Linux | 2026-04-16 | N/A |
| A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. | ||||
| CVE-2004-1458 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2026-04-16 | N/A |
| The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002. | ||||
| CVE-2005-3514 | 1 Chipmunk Scripts | 1 Chipmunk Forum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Forum script allow remote attackers to inject arbitrary web script or HTML via the forumID parameter to (1) newtopic.php, (2) quote.php, (3) index.php, and (4) reply.php. | ||||
| CVE-2006-0084 | 1 Rasmp | 1 Rasmp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the $_SERVER[HTTP_USER_AGENT] variable (User-Agent header). | ||||
| CVE-2006-3820 | 1 Gerrit Van Aaken | 1 Loudblog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2006-0096 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| wan/sdla.c in Linux kernel 2.6.x before 2.6.11 and 2.4.x before 2.4.29 does not require the CAP_SYS_RAWIO privilege for an SDLA firmware upgrade, with unknown impact and local attack vectors. NOTE: further investigation suggests that this issue requires root privileges to exploit, since it is protected by CAP_NET_ADMIN; thus it might not be a vulnerability, although capabilities provide finer distinctions between privilege levels. | ||||