Total
29945 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0443 | 1 Bmc | 1 Patrol Agent | 2026-04-16 | N/A |
| Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password. | ||||
| CVE-1999-0447 | 1 Hp | 1 Mpe Ix | 2026-04-16 | N/A |
| Local users can gain privileges using the debug utility in the MPE/iX operating system. | ||||
| CVE-2002-2109 | 1 Matt Wright | 1 Formmail | 2026-04-16 | N/A |
| Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer. | ||||
| CVE-1999-0452 | 2026-04-16 | N/A | ||
| A service or application has a backdoor password that was placed there by the developer. | ||||
| CVE-1999-0454 | 2026-04-16 | N/A | ||
| A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso. | ||||
| CVE-2006-4635 | 1 Squiz | 1 Mysource Classic | 2026-04-16 | N/A |
| Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue. | ||||
| CVE-2002-0265 | 1 Sawmill | 1 Sawmill | 2026-04-16 | N/A |
| Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file with world-writable permissions, which allows local users to gain privileges by modifying the file. | ||||
| CVE-2002-0914 | 1 Double Precision Incorporated | 1 Courier Mta | 2026-04-16 | N/A |
| Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop. | ||||
| CVE-2002-0909 | 1 Matsushita Research | 1 Mnews | 2026-04-16 | N/A |
| Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER. | ||||
| CVE-2006-0639 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka MyBulletinBoard) 1.0.2 allows remote attackers with knowledge of the table prefix to inject arbitrary web script or HTML via a URL encoded value of the keywords parameter, as demonstrated by %3Cscript%3E. | ||||
| CVE-2006-4634 | 1 Vbzoom | 1 Vbzoom | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows remote attackers to inject arbitrary web script or HTML via the UserID parameter, a different vector than CVE-2006-1133 and CVE-2005-2441. | ||||
| CVE-2006-0638 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter. | ||||
| CVE-2002-0897 | 1 Intranet-server | 1 Localweb2000 | 2026-04-16 | N/A |
| LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory. | ||||
| CVE-2002-0888 | 1 3com | 1 3cp4144 | 2026-04-16 | N/A |
| 3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, allows remote attackers to bypass port access restrictions by connecting to an approved port and quickly connecting to the desired port, which is allowed by the router. | ||||
| CVE-2006-4628 | 1 Vcd-db | 1 Vcd-db | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when handling comments. | ||||
| CVE-1999-0201 | 1 Ftp | 1 Ftp | 2026-04-16 | N/A |
| A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. | ||||
| CVE-2006-4625 | 1 Php | 1 Php | 2026-04-16 | N/A |
| PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults. | ||||
| CVE-2006-4621 | 1 Bare Concept Media | 1 Pheap Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. The lib/config.php vector is already covered by CVE-2006-4531. | ||||
| CVE-2006-0631 | 1 Erik C. Thauvin | 1 Mailback | 2026-04-16 | N/A |
| CRLF injection vulnerability in mailback.pl in Erik C. Thauvin mailback allows remote attackers to use mailback as a "spam proxy" by modifying mail headers, including recipient e-mail addresses, via newline characters in the Subject field. | ||||
| CVE-2005-2696 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) "PasswordDigest" and "HTTPPassword" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428. | ||||