Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1354 | 1 Typsoft | 1 Typsoft Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows local users to list the contents of arbitrary directories via a ... (dot dot dot) in the cd/CWD command. | ||||
| CVE-2006-4744 | 1 Abidia | 2 Abidia Wireless, O-anywhere | 2026-04-16 | N/A |
| Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing. | ||||
| CVE-2003-0228 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location. | ||||
| CVE-2005-2323 | 2 Class-1, Clever Copy | 2 Class-1 Forum, Clever Copy | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allow remote attackers to modify SQL statements via the (1) id parameter to viewattach.php, (2) viewuser_id parameter to users.php, or the (3) id or (4) forum parameter to viewforum.php. | ||||
| CVE-2005-2327 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags. | ||||
| CVE-2005-4072 | 1 Cfmagic | 1 Magic Forum Personal | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Personal 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the Words parameter in search_forums.cfm, as used in the "Search For:" field. | ||||
| CVE-2004-1754 | 1 Symantec | 2 Enterprise Firewall, Gateway Security | 2026-04-16 | N/A |
| The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. | ||||
| CVE-2004-1836 | 1 Invision Power Services | 1 Invision Power Top Site List | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action. | ||||
| CVE-2005-1816 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to add themselves or other users to the root admin group via the "Move users in this group to" screen. | ||||
| CVE-2003-0245 | 2 Apache, Redhat | 2 Http Server, Linux | 2026-04-16 | N/A |
| Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors. | ||||
| CVE-2006-1413 | 1 Htmljunction | 1 Ezhomepagepro | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) adid or (2) aname parameter in (a) common/email.asp, (b) users/users_search.asp, or (c) users/users_profiles.asp; (3) page parameter in (d) users/users_calendar.asp; (4) usid parameter in (e) users/users_mgallery.asp; or (5) m parameter in (f) users/users_search.asp. | ||||
| CVE-2003-0247 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops"). | ||||
| CVE-2003-0248 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. | ||||
| CVE-2003-0251 | 2 Nis, Redhat | 3 Ypserv Nis Server, Enterprise Linux, Linux | 2026-04-16 | N/A |
| ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block. | ||||
| CVE-2005-2449 | 1 Sandbox | 1 Sandbox | 2026-04-16 | N/A |
| Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp. | ||||
| CVE-2005-4087 | 1 Sugarcrm | 1 Sugar Suite | 2026-04-16 | N/A |
| PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter. | ||||
| CVE-2005-2451 | 1 Cisco | 2 Ios, Ios Xr | 2026-04-16 | N/A |
| Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. | ||||
| CVE-2005-4088 | 1 W2b | 1 Phpforumpro | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters. | ||||
| CVE-1999-0757 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. | ||||
| CVE-2005-1924 | 1 Squirrelmail | 1 Gpg Plugin | 2026-04-16 | N/A |
| The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636. | ||||