Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2001 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received. | ||||
| CVE-2004-1410 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229. | ||||
| CVE-2006-0213 | 1 Kolab | 1 Kolab Groupware Server | 2026-04-16 | N/A |
| Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and earlier, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges. | ||||
| CVE-2006-3913 | 1 Freeciv | 1 Freeciv | 2026-04-16 | N/A |
| Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c. | ||||
| CVE-2005-3589 | 1 Filezilla | 1 Filezilla Server Terminal | 2026-04-16 | N/A |
| Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command. | ||||
| CVE-2006-0219 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| The original distribution of MyBulletinBoard (MyBB) to update from older versions to 1.0.2 omits or includes older versions of certain critical files, which allows attackers to conduct (1) SQL injection attacks via an attachment name that is not properly handled by inc/functions_upload.php (CVE-2005-4602), and possibly (2) other attacks related to threadmode in usercp.php. | ||||
| CVE-2004-1422 | 1 Whm | 1 Whm Autopilot | 2026-04-16 | N/A |
| WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain sensitive information via phpinfo, which reveals php settings. | ||||
| CVE-2004-2084 | 1 Jshop E-commerce | 2 Jshop Professional, Jshop Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter. | ||||
| CVE-2004-2115 | 1 Oracle | 1 Http Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request. | ||||
| CVE-2004-2117 | 1 Tinyserver | 1 Tinyserver | 2026-04-16 | N/A |
| Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version. | ||||
| CVE-2005-1292 | 1 Elemental Software | 1 Cartwiz | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to (1) tellAFriend.asp or (2) addToWishlist.asp, redirect parameter to (3) access.asp or (4) login.asp, message parameter to (5) login.asp or (6) error.asp, or (7) sku or (8) name parameter to searchResults.asp. | ||||
| CVE-2005-2112 | 1 Xoops | 1 Xoops | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) order parameter to edit.php or (2) cid parameter to comment_edit.php. | ||||
| CVE-2006-3931 | 1 Tuomas Airaksinen | 1 Midirecord | 2026-04-16 | N/A |
| Buffer overflow in the daemon function in midirecord.cc in Tuomas Airaksinen Midirecord 2.0 allows local users to execute arbitrary code via a long command line argument (filename). NOTE: This may not be a vulnerability if Midirecord is not installed setuid. | ||||
| CVE-1999-0778 | 1 Xi Graphics | 1 Accelerated-x Server | 2026-04-16 | N/A |
| Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter. | ||||
| CVE-2001-1213 | 1 Datawizard | 1 Ftpxq | 2026-04-16 | N/A |
| The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder. | ||||
| CVE-2005-3632 | 2 Netpbm, Redhat | 2 Netpbm, Enterprise Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file. | ||||
| CVE-1999-0781 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2026-04-16 | N/A |
| KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | ||||
| CVE-2001-1218 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. | ||||
| CVE-2004-1430 | 1 Ipbproarcade | 1 Ipbproarcade | 2026-04-16 | N/A |
| SQL injection vulnerability in the show_stats module in Arcade.php in IbProArcade allows remote attackers to execute arbitrary SQL code via the gameid parameter. | ||||
| CVE-2004-2200 | 1 Duware | 1 Duforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text. | ||||