Total
29926 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1285 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | ||||
| CVE-2005-1883 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter. | ||||
| CVE-2002-0542 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron. | ||||
| CVE-2006-3752 | 1 Professional Home Page Tools | 1 Professional Home Page Tools Guestbook | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip, or (5) text parameters. | ||||
| CVE-2002-0556 | 1 Deep Forest Software | 1 Quik-serv Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | ||||
| CVE-2005-1893 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| FlatNuke 2.5.3 allows remote attackers to obtain sensitive information via invalid parameters to certain scripts, which leaks the web document root in an error message. | ||||
| CVE-1999-1289 | 1 Mirabilis | 1 Icq | 2026-04-16 | N/A |
| ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration. | ||||
| CVE-2002-0577 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | ||||
| CVE-2006-3758 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) 1.1.4 calls the extract function with EXTR_OVERWRITE on HTTP POST and GET variables, which allows remote attackers to overwrite arbitrary variables, as demonstrated via an SQL injection using the _SERVER[HTTP_CLIENT_IP] parameter in archive/index.php. | ||||
| CVE-1999-1293 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. | ||||
| CVE-2005-1914 | 1 Centericq | 1 Centericq | 2026-04-16 | N/A |
| CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file. | ||||
| CVE-2001-0118 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2026-04-16 | N/A |
| rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2006-3767 | 1 Darrens 5-dollar Script Archive | 1 Osdate | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the onerror attribute in an HTML IMG tag with a non-existent source file in txtcomment parameter, which is used when posting a comment. | ||||
| CVE-1999-1299 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2026-04-16 | N/A |
| rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. | ||||
| CVE-2002-0627 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2026-04-16 | N/A |
| The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests. | ||||
| CVE-1999-1334 | 1 Elm Development Group | 1 Elm | 2026-04-16 | N/A |
| Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument. | ||||
| CVE-2001-0123 | 1 Extropia | 1 Bbs Forum.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter. | ||||
| CVE-2005-2027 | 1 Enterasys | 1 Vertical Horizon-2402s | 2026-04-16 | N/A |
| Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could allow attackers to obtain sensitive information or modify the registry. | ||||
| CVE-2006-3783 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors involving (1) the /net mount point and (2) the "-hosts" map in a mount point. | ||||
| CVE-2005-2044 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 and 1.5 RC 1 allow remote attackers to inject arbitrary web script or HTML via the (1) show_course parameter to browse.php, (2) subject parameter to contact.php, (3) cid parameter to content.php, (4) l parameter to inbox/send_message.php, the (5) search, (6) words, (7) include, (8) find_in, (9) display_as, or (10) search parameter to search.php, the (11) submit, (12) query, or (13) field parameter to tile.php, the (14) us parameter to forum/subscribe_forum.php, or the (15) roles[], (16) status, (17) submit, or (18) reset_filter parameters to directory.php. | ||||