Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1887 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges. | ||||
| CVE-2002-0568 | 1 Oracle | 3 Application Server, Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory. | ||||
| CVE-1999-1289 | 1 Mirabilis | 1 Icq | 2026-04-16 | N/A |
| ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration. | ||||
| CVE-2005-1898 | 1 Phpthumb | 1 Phpthumb | 2026-04-16 | N/A |
| The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to read files that are not images. | ||||
| CVE-2002-0578 | 1 Aci | 1 4d Webserver | 2026-04-16 | N/A |
| Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password. | ||||
| CVE-1999-1293 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. | ||||
| CVE-2006-3758 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) 1.1.4 calls the extract function with EXTR_OVERWRITE on HTTP POST and GET variables, which allows remote attackers to overwrite arbitrary variables, as demonstrated via an SQL injection using the _SERVER[HTTP_CLIENT_IP] parameter in archive/index.php. | ||||
| CVE-2006-3760 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.4 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2005-1914 | 1 Centericq | 1 Centericq | 2026-04-16 | N/A |
| CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file. | ||||
| CVE-2006-3765 | 1 Huttenlocher Webdesign | 1 Hwdeguest | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the "name input" field in new_entry.php. | ||||
| CVE-2002-0611 | 1 Craig Patchett | 1 Fileseek | 2026-04-16 | N/A |
| Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered. | ||||
| CVE-2001-0118 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2026-04-16 | N/A |
| rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2006-3767 | 1 Darrens 5-dollar Script Archive | 1 Osdate | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the onerror attribute in an HTML IMG tag with a non-existent source file in txtcomment parameter, which is used when posting a comment. | ||||
| CVE-1999-1299 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2026-04-16 | N/A |
| rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. | ||||
| CVE-2005-1968 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce before 2.7 allows remote attackers to inject arbitrary web script or HTML via the error parameter to techErr.asp. | ||||
| CVE-1999-1307 | 1 Novell | 1 Unixware | 2026-04-16 | N/A |
| Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges. | ||||
| CVE-1999-1334 | 1 Elm Development Group | 1 Elm | 2026-04-16 | N/A |
| Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument. | ||||
| CVE-2001-0123 | 1 Extropia | 1 Bbs Forum.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter. | ||||
| CVE-2005-2019 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions. | ||||
| CVE-2006-3783 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors involving (1) the /net mount point and (2) the "-hosts" map in a mount point. | ||||