Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3933 | 1 88script | 1 88script Event Calendar | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in 88Script's Event Calendar 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter. | ||||
| CVE-2005-4355 | 1 Xmpie | 1 Ustore | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in UStore allow remote attackers to inject arbitrary web script or HTML via the (1) Cat parameter in default.asp and the (2) accessdenied parameter in admin/default.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-1999-1284 | 1 Puppets Place | 1 Nukenabber | 2026-04-16 | N/A |
| NukeNabber allows remote attackers to cause a denial of service by connecting to the NukeNabber port (1080) without sending any data, which causes the CPU usage to rise to 100% from the report.exe program that is executed upon the connection. | ||||
| CVE-2005-4047 | 1 Iisworks | 1 Aspknowledgebase | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter. | ||||
| CVE-2005-1415 | 1 Globalscape | 1 Secure Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command. | ||||
| CVE-2005-4008 | 1 Jax Calendar | 1 Jax Calendar | 2026-04-16 | N/A |
| SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter, and possibly the (2) Y and (3) m parameters. | ||||
| CVE-1999-1296 | 1 Mit | 1 Kerberos 5 | 2026-04-16 | N/A |
| Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable. | ||||
| CVE-2005-4086 | 1 Sugarcrm | 1 Sugar Suite | 2026-04-16 | N/A |
| Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. | ||||
| CVE-1999-1299 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2026-04-16 | N/A |
| rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. | ||||
| CVE-2004-1786 | 1 Iatek | 1 Portalapp | 2026-04-16 | N/A |
| PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb. | ||||
| CVE-2005-1418 | 1 Netleaf Limited | 1 Notjustbrowsing | 2026-04-16 | N/A |
| NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges. | ||||
| CVE-2004-1791 | 1 Edimax | 1 Full Rate Adsl Router | 2026-04-16 | N/A |
| The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access. | ||||
| CVE-1999-1335 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. | ||||
| CVE-1999-1344 | 1 Auto Ftp | 1 Auto Ftp | 2026-04-16 | N/A |
| Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration file. | ||||
| CVE-2005-4248 | 1 Quickpaypro | 1 Quickpaypro | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in QuickPayPro 3.1 allow remote attackers to inject arbitrary web script or HTML via various fields, such as those in (1) communication/subscribers.tracking.add.php, (2) support/tickets.add.php, and (3) mycompany/categories.php. | ||||
| CVE-2004-1798 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2026-04-16 | N/A |
| RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. | ||||
| CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | ||||
| CVE-2005-4350 | 1 Sun | 1 Wbem Services | 2026-04-16 | N/A |
| Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors. | ||||
| CVE-1999-1367 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. | ||||
| CVE-2001-1296 | 1 Marc Logemann | 1 More.groupware | 2026-04-16 | N/A |
| More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||