Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0833 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages. | ||||
| CVE-2004-1072 | 5 Linux, Redhat, Suse and 2 more | 9 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2026-04-16 | N/A |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code. | ||||
| CVE-2002-1938 | 1 Virgil | 1 Cgi Scanner | 2026-04-16 | N/A |
| Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the (1) tar (TARGET) or (2) zielport (ZIELPORT) parameters. | ||||
| CVE-2005-4487 | 1 Ramsite | 1 R1 Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter. | ||||
| CVE-2002-1940 | 1 Jacob Navia | 1 Lcc-win32 | 2026-04-16 | N/A |
| LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application. | ||||
| CVE-2005-4493 | 1 Speartek | 1 Speartek | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2004-1080 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." | ||||
| CVE-2006-1484 | 1 Kye | 1 Genius Videocam Nb | 2026-04-16 | N/A |
| Genius VideoCAM NB Driver does not drop privileges when saving files, which allows local users to gain privileges by opening arbitrary files via the "save as" dialog. | ||||
| CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | ||||
| CVE-2005-4496 | 1 Forum One | 1 Syntaxcms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | ||||
| CVE-2005-4497 | 1 Tangora | 1 Tangora Portal Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Tangora Portal CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter in a search page, as demonstrated using (1) page1631.aspx and (2) page496.aspx. | ||||
| CVE-2006-1489 | 1 Fusionzone | 1 Couponzone | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters. | ||||
| CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2026-04-16 | N/A |
| Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | ||||
| CVE-2006-1498 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links. | ||||
| CVE-2005-4503 | 1 Net-square | 1 Httprint | 2026-04-16 | N/A |
| httprint v202, and possibly other versions before v301, allows remote attackers to cause a denial of service (crash) via a long Server field in an HTTP response. | ||||
| CVE-2005-4508 | 1 Nexus Concepts | 1 Dev Hound | 2026-04-16 | N/A |
| Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file. | ||||
| CVE-2005-4513 | 1 Wandsoft | 1 E-search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in WANDSOFT e-SEARCH allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keywords parameter. | ||||
| CVE-2005-4520 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and earlier have unknown impact and attack vectors. NOTE: due to a lack of relevant details in the vendor changelog, which is the source of this description, it is unclear whether this is a duplicate of another CVE. | ||||
| CVE-2004-0699 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2026-04-16 | N/A |
| Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data. | ||||
| CVE-2005-4533 | 1 Scponly | 1 Scponly | 2026-04-16 | N/A |
| Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered. | ||||