Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0408 | 1 Lotus | 1 Domino | 2026-04-16 | N/A |
| htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message. | ||||
| CVE-2005-2637 | 1 Phpfreenews | 1 Phpfreenews | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Match or (2) CatID parameter to SearchResults.php, or (3) the password to AccessControl.php. | ||||
| CVE-2005-2903 | 1 Eset Software | 1 Nod32 Antivirus | 2026-04-16 | N/A |
| Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. | ||||
| CVE-2005-2646 | 1 Xerox | 20 Document Centre 220, Document Centre 230, Document Centre 240 and 17 more | 2026-04-16 | N/A |
| Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to cause a denial of service or read files via unknown vectors involving crafted HTTP requests. | ||||
| CVE-2002-0434 | 1 Marcus S. Xenakis | 1 Directory.php | 2026-04-16 | N/A |
| Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. | ||||
| CVE-2005-2647 | 1 Xerox | 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors. | ||||
| CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2026-04-16 | N/A |
| IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | ||||
| CVE-2005-2650 | 1 Emefa | 1 Emefa Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters. | ||||
| CVE-2002-0465 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files, and execute commands, via a .. (dot dot) in the OpenPath parameter. | ||||
| CVE-2005-2652 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to (1) gorum/notification.php, (2) user.php, (3) attach.php, (4) blacklist.php, (5) zorum/forum.php, (6) globalstat.php, (7) gorum/trace.php, (8) gorum/badwords.php, or (9) gorum/flood.php. | ||||
| CVE-2006-3189 | 1 Hotplug Cms | 1 Hotplug Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2005-3684 | 1 Freeftpd | 1 Freeftpd | 2026-04-16 | N/A |
| Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands. | ||||
| CVE-2002-0480 | 1 Iss | 1 Realsecure Nokia | 2026-04-16 | N/A |
| ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation. | ||||
| CVE-2002-0504 | 1 Citrix | 1 Nfuse | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp. | ||||
| CVE-2002-0501 | 1 Posadis | 1 Posadis | 2026-04-16 | N/A |
| Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages. | ||||
| CVE-2002-0517 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to programs such as (1) dtterm or (2) xterm. | ||||
| CVE-2002-0503 | 1 Citrix | 1 Nfuse | 2026-04-16 | N/A |
| Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter. | ||||
| CVE-2005-2660 | 1 Apachetop | 1 Apachetop | 2026-04-16 | N/A |
| apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug. | ||||
| CVE-2005-3685 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter. | ||||
| CVE-2005-2664 | 1 Whisper32 | 1 Whisper32 | 2026-04-16 | N/A |
| Whisper 32 1.16, and possibly earlier versions, stores passwords in plaintext in memory, which allows local users to obtain the password using a debugger or another mechanism to read process memory. | ||||