Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1456 | 1 Khaled Mardam-bey | 1 Mirc | 2026-04-16 | N/A |
| Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value. | ||||
| CVE-2004-0609 | 1 Rssh | 1 Rssh | 2026-04-16 | N/A |
| rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail. | ||||
| CVE-2006-3094 | 1 Vincent Hor | 1 Calendarix Basic | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.20060401 and earlier, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) cal_event.php and (2) cal_popup.php. | ||||
| CVE-2006-3124 | 1 Streamripper | 1 Streamripper | 2026-04-16 | N/A |
| Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers. | ||||
| CVE-2000-1080 | 2 Id Software, J. P. Grossman | 2 Quake, Proquake | 2026-04-16 | N/A |
| Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | ||||
| CVE-2005-3520 | 1 Mysource | 1 Mysource | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MySource 2.14.0 allow remote attackers to inject arbitrary web script or HTML via (1) the target_url parameter in upgrade_in_progress_backend.php, (2) the stylesheet parameter in edit_table_cell_type_wysiwyg.php, and the bgcolor parameter in (3) insert_table.php, (4) edit_table_cell_props.php, (5) header.php, (6) edit_table_row_props.php, and (7) edit_table_props.php. | ||||
| CVE-1999-0570 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. | ||||
| CVE-2006-3848 | 1 Krischan Jodies | 1 Ip Calculator | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CGI wrapper for IP Calculator (IPCalc) 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI (REQUEST_URI environment variable), which is used in the actionurl variable. | ||||
| CVE-2001-1127 | 1 Progress | 1 Progress | 2026-04-16 | N/A |
| Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump. | ||||
| CVE-2000-0808 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication." | ||||
| CVE-2003-0967 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute. | ||||
| CVE-2002-0410 | 1 Aeromail | 1 Aeromail | 2026-04-16 | N/A |
| send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded. | ||||
| CVE-2000-0825 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. | ||||
| CVE-2006-3910 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote attackers to cause a denial of service (crash) by calling the NewDefaultItem function of an OVCtl (OVCtl.OVCtl.1) ActiveX object, which triggers a null dereference. | ||||
| CVE-2004-2294 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2006-0920 | 1 Oi | 1 Email Marketing System | 2026-04-16 | N/A |
| Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP password in cleartext on a Configuration web page, which allows local users with superadministrator privileges, or attackers who have obtained access to the web page, to view the password. | ||||
| CVE-2006-0922 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php (aka upload.php) that allows remote attackers to upload arbitrary files via a modified CurrentFolder parameter in a direct request to admin/filemanager/upload.php. | ||||
| CVE-2006-0720 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file. | ||||
| CVE-2003-1160 | 1 Seyeon | 1 Flexwatch Network Video Server | 2026-04-16 | N/A |
| FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). | ||||
| CVE-2005-0707 | 1 Ipswitch | 1 Ipswitch Collaboration Suite | 2026-04-16 | N/A |
| Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. | ||||