Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1893 | 1 Macromedia | 2 Dreamweaver, Dreamweaver Ultradev | 2026-04-16 | N/A |
| Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, uploads the mmhttpdb.asp script to the web site but does not require authentication, which allows remote attackers to obtain sensitive information and possibly execute arbitrary SQL commands via a direct request to mmhttpdb.asp. | ||||
| CVE-2002-0420 | 1 Claymore Systems Inc | 1 Puretls | 2026-04-16 | N/A |
| Vulnerability in PureTLS before 0.9b2 related to injection attacks, which could possibly allow remote attackers to corrupt or hijack user sessions. | ||||
| CVE-2001-0271 | 1 Mailnews.cgi | 1 Mailnews.cgi | 2026-04-16 | N/A |
| mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters. | ||||
| CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | ||||
| CVE-2001-0721 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2026-04-16 | N/A |
| Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. | ||||
| CVE-2001-0722 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." | ||||
| CVE-2002-0433 | 1 Pi3 | 1 Pi3web | 2026-04-16 | N/A |
| Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character. | ||||
| CVE-2002-0450 | 1 Talentsoft | 1 Web\+ Server | 2026-04-16 | N/A |
| Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language (wml) file name to (1) webplus.dll or (2) webplus.exe. | ||||
| CVE-2001-0818 | 1 Marty Bochane | 1 Mdbms | 2026-04-16 | N/A |
| A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier allows remote attackers to execute arbitrary commands by sending the command a large amount of data. | ||||
| CVE-2002-0477 | 1 Macromedia | 1 Flash Player | 2026-04-16 | N/A |
| Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand. | ||||
| CVE-2004-2082 | 1 Karjasoft | 1 Sami Ftp Server | 2026-04-16 | N/A |
| The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters. | ||||
| CVE-2004-2121 | 1 Borland Software | 1 Web Server For Corel Paradox | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL. | ||||
| CVE-2004-2132 | 1 Pj Cgi Neo Review | 1 Pj Cgi Neo Review | 2026-04-16 | N/A |
| Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. | ||||
| CVE-2001-0824 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page. | ||||
| CVE-2002-0487 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache. | ||||
| CVE-2004-2149 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders. | ||||
| CVE-2004-2159 | 1 Xmlstarlet | 1 Command Line Xml Toolkit | 2026-04-16 | N/A |
| Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c. | ||||
| CVE-2001-0833 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." | ||||
| CVE-2002-0490 | 1 Instant Web Mail | 1 Instant Web Mail | 2026-04-16 | N/A |
| Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php. | ||||
| CVE-2002-0510 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. | ||||