Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3275 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption. | ||||
| CVE-2002-1093 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2026-04-16 | N/A |
| HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request. | ||||
| CVE-2005-3284 | 1 Ahnlab | 3 Myv3, V3net, V3pro 2004 | 2026-04-16 | N/A |
| Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives. | ||||
| CVE-2004-0970 | 1 Gnu | 1 Gzip | 2026-04-16 | N/A |
| The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367. | ||||
| CVE-2005-3291 | 1 Stani | 1 Stanis Python Editor | 2026-04-16 | N/A |
| Stani's Python Editor (SPE) 0.7.5 is installed with world-writable permissions, which allows local users to gain privileges by modifying executable files. | ||||
| CVE-2006-1044 | 1 Lsoft | 1 Listserv | 2026-04-16 | N/A |
| Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603. | ||||
| CVE-2002-1095 | 1 Cisco | 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2026-04-16 | N/A |
| Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set. | ||||
| CVE-2002-1096 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2026-04-16 | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code. | ||||
| CVE-2005-3303 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file. | ||||
| CVE-2005-3304 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via (1) the username parameter in the Your Account page, (2) the url parameter in the Downloads module, and (3) the description parameter in the Web_Links module. | ||||
| CVE-2006-1046 | 1 Monopd | 1 Monopd | 2026-04-16 | N/A |
| server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output. | ||||
| CVE-2002-1101 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2026-04-16 | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name. | ||||
| CVE-2002-1116 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and earlier includes summaries of private bugs for users that do not have access to any projects. | ||||
| CVE-2005-3305 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary SQL commands via the (1) forum_id or (2) thread_id parameter in the Forum file, (3) the link_id in the Links file, (4) the artid parameter in the Sections file, and (5) the dl_id parameter in the Download file. | ||||
| CVE-2002-1121 | 4 Gfi, Network Associates, Roaring Penguin and 1 more | 5 Mailsecurity, Webshield Smtp, Canit and 2 more | 2026-04-16 | N/A |
| SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type. | ||||
| CVE-2002-1124 | 1 Purity | 1 Purity | 2026-04-16 | N/A |
| Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables. | ||||
| CVE-2005-3307 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to read arbitrary files via ".." sequences in the (1) user parameter in a profile operation or (2) quale parameter in a newtopic operation. | ||||
| CVE-2005-3310 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer, which renders malformed image types as HTML, enabling cross-site scripting (XSS) attacks. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer (CVE-2005-3312) and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in phpBB. | ||||
| CVE-2002-1125 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory. | ||||
| CVE-2005-3312 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The HTML rendering engine in Microsoft Internet Explorer 6.0 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML in corrupted images and other files such as .GIF, JPG, and WAV, which is rendered as HTML when the user clicks on the link, even though the web server response and file extension indicate that it should be treated as a different file type. | ||||