Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0887 | 2 Oliver Rauch, Redhat | 3 Xsane, Linux, Powertools | 2026-04-16 | N/A |
| xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files. | ||||
| CVE-2002-1791 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files. | ||||
| CVE-2006-4837 | 1 Codeworx Technologies | 1 Dcp-portal | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) library/lib.php and (2) library/editor/editor.php. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that reveals the installation path in an error message. | ||||
| CVE-2000-0909 | 1 University Of Washington | 1 Pine | 2026-04-16 | N/A |
| Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header. | ||||
| CVE-2000-0911 | 1 Horde | 1 Imp | 2026-04-16 | N/A |
| IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment. | ||||
| CVE-2002-1840 | 1 Irssi | 1 Irssi | 2026-04-16 | N/A |
| irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system. | ||||
| CVE-2002-1856 | 1 Hp | 1 Application Server | 2026-04-16 | N/A |
| HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | ||||
| CVE-2006-4857 | 1 Clicktech | 1 Clickblog | 2026-04-16 | N/A |
| SQL injection vulnerability in default.asp (aka the login page) in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) form_codeword (aka the Password field) parameters. | ||||
| CVE-2006-0942 | 1 Pwsphp | 1 Pwsphp | 2026-04-16 | N/A |
| SQL injection vulnerability in profil.php in PwsPHP 1.2.3, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the aff_news_form parameter, a different vulnerability than CVE-2005-1509. | ||||
| CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2026-04-16 | N/A |
| Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | ||||
| CVE-2002-1885 | 1 Powerphlogger | 1 Powerphlogger | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter. | ||||
| CVE-2000-0929 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability. | ||||
| CVE-2002-1889 | 1 Logsurfer | 1 Logsurfer | 2026-04-16 | N/A |
| Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5a allows remote attackers to cause a denial of service (crash) via a malformed log entry. | ||||
| CVE-2001-0894 | 2 Redhat, Wietse Venema | 2 Powertools, Postfix | 2026-04-16 | N/A |
| Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number of SMTP errors, which forces the SMTP session log to grow too large. | ||||
| CVE-2002-1892 | 1 Netgear | 1 Fvs318 | 2026-04-16 | N/A |
| NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. | ||||
| CVE-2002-1894 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | ||||
| CVE-2002-1896 | 1 Alsaplayer | 1 Alsaplayer | 2026-04-16 | N/A |
| Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument. | ||||
| CVE-1999-0974 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. | ||||
| CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | ||||
| CVE-2000-0710 | 1 Microsoft | 1 Frontpage | 2026-04-16 | N/A |
| The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name. | ||||