Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0680 | 1 Zoom | 1 Model 5560 X3 Ethernet Adsl Modem | 2026-04-16 | N/A |
| Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access. | ||||
| CVE-2004-0682 | 1 Comersus Open Technologies | 1 Comersus Cart | 2026-04-16 | N/A |
| comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other versions before 5.098, allows remote attackers to change the prices of items by directly modifying them in the URL. | ||||
| CVE-2006-2145 | 1 Harold Bakker | 1 Hb-ns | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) topic or (2) id parameter. | ||||
| CVE-2005-4616 | 1 Idevspot | 1 Isupport | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in iSupport 1.06 allows remote attackers to execute arbitrary SQL commands via the include_file parameter. | ||||
| CVE-2006-2146 | 1 Harold Bakker | 1 Hb-ns | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) poster_name, (2) poster_email, (3) poster_homepage, or (4) message parameter. | ||||
| CVE-2002-2041 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer. | ||||
| CVE-2005-4621 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which the URL generates a parsing error, and possibly requiring a trailing extension such as .jpg. | ||||
| CVE-2006-2151 | 1 Phpbb Group | 1 Phpbb Toplist | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in toplist.php in phpBB TopList 1.3.8 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter. | ||||
| CVE-2004-0723 | 1 Microsoft | 1 Java Virtual Machine | 2026-04-16 | N/A |
| Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." | ||||
| CVE-2002-2043 | 1 Cyrus | 1 Sasl | 2026-04-16 | N/A |
| SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password. | ||||
| CVE-2002-2047 | 1 Sketch | 1 Sketch | 2026-04-16 | N/A |
| The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file. | ||||
| CVE-1999-0108 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The printers program in IRIX has a buffer overflow that gives root access to local users. | ||||
| CVE-2002-2053 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. | ||||
| CVE-2004-0740 | 1 Lexmark | 1 T522 Network Printer | 2026-04-16 | N/A |
| The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server crash, reload, or hang) via an HTTP header with a long Host field, possibly triggering a buffer overflow. | ||||
| CVE-2005-4626 | 1 Recruitment Software | 1 Recruitment Software | 2026-04-16 | N/A |
| The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request. | ||||
| CVE-2002-2056 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie. | ||||
| CVE-2005-4627 | 2 Gfhost, Gmailsite | 2 Gfhost, Gmailsite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in (1) GmailSite 1.0 through 1.0.4 and (2) GFHost 0.1.1 through 0.4.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. | ||||
| CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | ||||
| CVE-2002-2064 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-16 | N/A |
| isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo. | ||||
| CVE-2006-2162 | 1 Nagios | 1 Nagios | 2026-04-16 | N/A |
| Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header. | ||||