Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0369 | 1 Caldera | 1 Openlinux | 2026-04-16 | N/A |
| The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service. | ||||
| CVE-2000-0370 | 1 Caldera | 1 Openlinux | 2026-04-16 | N/A |
| The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command. | ||||
| CVE-2000-0375 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files. | ||||
| CVE-2001-1428 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2026-04-16 | N/A |
| The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped with a default password, which allows remote attackers to gain unauthorized access. | ||||
| CVE-2002-0430 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2026-04-16 | N/A |
| MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php. | ||||
| CVE-2000-0379 | 1 Netopia | 1 R-series Routers | 2026-04-16 | N/A |
| The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so. | ||||
| CVE-2004-2236 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. | ||||
| CVE-2005-1578 | 1 Guidance Software | 1 Encase | 2026-04-16 | N/A |
| EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection. | ||||
| CVE-2004-2238 | 1 Inter7 | 1 Vpopmail \(vchkpw\) | 2026-04-16 | N/A |
| Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when compiled, became static format strings. Thus this is not a vulnerability | ||||
| CVE-2000-0381 | 1 Gossamer Threads | 1 Dbman | 2026-04-16 | N/A |
| The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. | ||||
| CVE-2000-0385 | 1 Filemaker | 1 Filemaker | 2026-04-16 | N/A |
| FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities. | ||||
| CVE-2004-2240 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php. | ||||
| CVE-2005-1581 | 1 Eric Fichot | 1 Bug Report | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when processed by bug_list.php or admin/index.php. | ||||
| CVE-2000-0393 | 1 Kde | 1 Kde | 2026-04-16 | N/A |
| The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | ||||
| CVE-2006-4737 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Jetbox CMS allows remote attackers to inject arbitrary web script or HTML via the item parameter. NOTE: The view vector is already covered by CVE-2006-3586.2. | ||||
| CVE-2006-4758 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00. | ||||
| CVE-2000-0405 | 1 Atstake | 1 Antisniff | 2026-04-16 | N/A |
| Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet. | ||||
| CVE-2006-4796 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums 2000 3.4.06 allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter (strtopicsortord variable). | ||||
| CVE-2006-4797 | 1 Cj Design | 1 Cj Tag Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter. | ||||
| CVE-2006-4798 | 1 Dws Systems Inc. | 1 Sql-ledger | 2026-04-16 | N/A |
| SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history. | ||||