Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1598 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-04-16 | N/A |
| Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory. | ||||
| CVE-2004-1607 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2026-04-16 | N/A |
| slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Library or (2) Attachment request with an invalid file parameter, which reveals the path in an error message. | ||||
| CVE-2004-2607 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer. | ||||
| CVE-2004-1609 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2026-04-16 | N/A |
| SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access. | ||||
| CVE-2004-1657 | 1 Newtelligence | 1 Dasblog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers. | ||||
| CVE-2004-1662 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| YaBB SE 1.5.1 allows remote attackers to obtain sensitive information via a direct HTTP request to Admin.php, which reveals the full path in a PHP error message. | ||||
| CVE-2000-1194 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. | ||||
| CVE-2000-1195 | 1 Caldera | 2 Openlinux Edesktop, Openlinux Eserver | 2026-04-16 | N/A |
| telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option. | ||||
| CVE-2000-1197 | 1 University Of Washington | 1 Imap | 2026-04-16 | N/A |
| POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes. | ||||
| CVE-2004-1665 | 1 Psnews | 1 Psnews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter. | ||||
| CVE-2004-1673 | 1 Icewarp | 1 Web Mail | 2026-04-16 | N/A |
| accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote attackers to create text files with arbitrary content via the accountid parameter. | ||||
| CVE-2002-0335 | 1 Galacticomm Technologies | 2 Worldgroup, Worldgroup Lite Personal Server | 2026-04-16 | N/A |
| Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request. | ||||
| CVE-2006-1795 | 1 Updi Network Enterprise | 1 At1 Event Publisher | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in tablepublisher.cgi in UPDI Network Enterprise @1 Table Publisher 2006-03-23 allows remote attackers to inject arbitrary web script or HTML via the Title of Table field. | ||||
| CVE-2006-1810 | 1 Flexbb | 1 Flexbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the (1) ICQ, (2) AIM, (3) MSN, (4) Google Talk, (5) Website Name, (6) Website Address, (7) Email Address, (8) Location, (9) Signature, and (10) Sub-Titles fields in the user profile. | ||||
| CVE-2006-1818 | 1 The War Forge | 1 Warforge.news | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) first_name and (2) last_name parameter in myaccounts.php. NOTE: portions of these details were obtained from third party sources instead of the original disclosure. | ||||
| CVE-2006-1832 | 1 Coder-world | 1 Sysinfo | 2026-04-16 | N/A |
| sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action. | ||||
| CVE-2006-1835 | 1 Vincent Hor | 2 Calendarix, Calendarix Advanced | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix allows remote attackers to inject arbitrary web script or HTML via the ycyear parameter. | ||||
| CVE-2006-1853 | 1 Moderngigabyte | 1 Modernbill | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier allow remote attackers or administrators to execute arbitrary SQL commands via the (1) id parameter in (a) user.php, or (2) where and (3) order parameters to (b) admin.php. | ||||
| CVE-2006-1884 | 3 Jdedwards, Oneworld, Oracle | 12 Enterpriseone Tools, Oneworld Tools, Application Server and 9 more | 2026-04-16 | N/A |
| Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. | ||||
| CVE-2006-1913 | 1 Jax Scripts | 1 Jax Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax Guestbook 3.1, 3.31, and 3.50 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||