Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0734 | 1 Padl Software | 1 Pam Ldap | 2026-04-16 | N/A |
| Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass host-based access restrictions and log onto the system. | ||||
| CVE-2006-0037 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows local users to cause a denial of service (memory corruption or crash) via a crafted outbound packet that causes an incorrect offset to be calculated from pointer arithmetic when non-linear SKBs (socket buffers) are used. | ||||
| CVE-2006-0049 | 2 Gnu, Redhat | 2 Privacy Guard, Enterprise Linux | 2026-04-16 | N/A |
| gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455. | ||||
| CVE-2003-0742 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. | ||||
| CVE-2006-0065 | 1 Vego | 1 Vego Web Forum | 2026-04-16 | N/A |
| SQL injection vulnerability in (1) functions.php, (2) functions_update.php, and (3) functions_display.php in VEGO Web Forum 1.26 and earlier allows remote attackers to execute arbitrary SQL commands via the theme_id parameter in index.php. | ||||
| CVE-2001-0300 | 1 Oracle | 1 Internet Directory | 2026-04-16 | N/A |
| oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack. | ||||
| CVE-2006-0068 | 1 Primo Place | 1 Primo Cart | 2026-04-16 | N/A |
| SQL injection vulnerability in Primo Cart 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) q parameter to search.php and (2) email parameter to user.php. | ||||
| CVE-2006-1657 | 1 Chucky A. Ivey | 1 N.t. | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ivey N.T. 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not filtered when the administrator views the "Login Log" page. | ||||
| CVE-2006-0070 | 1 Drupal | 1 Drupal | 2026-04-16 | N/A |
| Drupal allows remote attackers to conduct cross-site scripting (XSS) attacks via an IMG tag with an unusual encoded Javascript function name, as demonstrated using variations of the alert() function. NOTE: a followup by the vendor suggests that the issue does not exist in 4.5.6 or 4.6.4 when "Filtered HTML" is enabled, and since "Full HTML" would not filter HTML by design, perhaps this should not be included in CVE | ||||
| CVE-2004-2669 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php. | ||||
| CVE-2006-1670 | 1 Cisco | 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15454 Mstp and 2 more | 2026-04-16 | N/A |
| Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. | ||||
| CVE-2006-0104 | 1 Ralph Capper | 1 Tinyphpforum | 2026-04-16 | N/A |
| Directory traversal vulnerability in TinyPHPForum 3.6 and earlier allows remote attackers to create a new user account, create a new topic, or view the profile of a user account, as demonstrated via a .. (dot dot) in the uname parameter to profile.php. | ||||
| CVE-2003-0770 | 1 Ikonboard.com | 1 Ikonboard | 2026-04-16 | N/A |
| FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement. | ||||
| CVE-2003-0776 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2026-04-16 | N/A |
| saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. | ||||
| CVE-2006-0116 | 1 Inetstore | 1 Inetstore Online | 2026-04-16 | N/A |
| Cross-site scripting vulnerability search.inetstore in iNETstore Ebusiness Software 2.0 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter. | ||||
| CVE-2006-1683 | 1 Chipmunk Scripts | 1 Chipmunk Guestbook | 2026-04-16 | N/A |
| SQL injection vulnerability in admin/login.php in Chipmunk Guestbook allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the User name. | ||||
| CVE-2001-0344 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account. | ||||
| CVE-2006-0128 | 1 Rockliffe | 1 Mailsite | 2026-04-16 | N/A |
| Buffer overflow in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote attackers to have an unknown impact via unknown attack vectors. | ||||
| CVE-2001-0351 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service. | ||||
| CVE-2006-0131 | 1 Boastmachine | 1 Boastmachine | 2026-04-16 | N/A |
| boastMachine 3.1 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php and (2) side_menu.php, which reveals the path in an error message. | ||||