Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3364 | 1 Platinum | 1 Dboardgear | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an invalid theme file in the themes action to ctrtools.php. | ||||
| CVE-2006-3018 | 1 Php Group | 1 Php | 2026-04-16 | N/A |
| Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption. | ||||
| CVE-2001-0105 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group. | ||||
| CVE-2005-1915 | 1 Log4sh | 1 Log4sh | 2026-04-16 | N/A |
| The log4sh_readProperties function in log4sh 1.2.5 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable log4sh.$$ filenames. | ||||
| CVE-2005-2001 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the action parameter. | ||||
| CVE-2005-3375 | 1 Ikarus | 1 Ikarus Antivirus | 2026-04-16 | N/A |
| Multiple interpretation error in Ikarus demo version allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | ||||
| CVE-2001-0137 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability. | ||||
| CVE-2005-1980 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service hang) via a crafted Transaction Internet Protocol (TIP) message that causes DTC to repeatedly connect to a target IP and port number after an error occurs, aka the "Distributed TIP Vulnerability." | ||||
| CVE-2005-2005 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | N/A |
| Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information on registered users via a direct request to db/users.dat. | ||||
| CVE-2001-0179 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "." | ||||
| CVE-2001-0181 | 1 Caldera | 3 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver | 2026-04-16 | N/A |
| Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. | ||||
| CVE-2006-3026 | 1 Clicktech | 1 Clickgallery | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp. | ||||
| CVE-2001-0177 | 1 Webmaster | 1 Conferenceroom | 2026-04-16 | N/A |
| WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a denial of service via a buddy relationship between the IRC server and a server clone. | ||||
| CVE-2005-2104 | 1 Redhat | 2 Enterprise Linux, Sysreport | 2026-04-16 | N/A |
| sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory. | ||||
| CVE-2006-3029 | 1 Clicktech | 1 Clickcart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in ClickTech Clickcart 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | ||||
| CVE-2001-0205 | 1 Aol | 1 Aol Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified .. (dot dot) attack. | ||||
| CVE-2005-2126 | 1 Microsoft | 4 Ie, Windows 2000, Windows 2003 Server and 1 more | 2026-04-16 | N/A |
| The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames. | ||||
| CVE-2005-3392 | 1 Php | 1 Php | 2026-04-16 | N/A |
| Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives. | ||||
| CVE-2001-0241 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0. | ||||
| CVE-2005-2045 | 1 Duware | 1 Duportal Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DUware DUportal PRO 3.4.3 allow remote attackers to execute arbitrary SQL commands via the (1) iChannel parameter to default.asp, (2) iData parameter to detail.asp, (3) iMem parameter to members.asp, (4) iCat parameter to cat.asp, (5) offset parameter to members_listing_approval.asp, or (6) iChannel parameter to channels_edit.asp. | ||||