Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0897 | 1 Magicscripts | 1 E-store Kit-2 | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in catalog.php in E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary PHP code by modifying the menu and main parameters to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-2020 | 1 3com | 1 3c15100d | 2026-04-16 | N/A |
| Directory traversal vulnerability in the web server for 3Com Network Supervisor 5.0.2 allows remote attackers to read arbitrary files via ".." sequences in the URL to TCP port 21700. | ||||
| CVE-1999-0319 | 2026-04-16 | N/A | ||
| Buffer overflow in xmcd 2.1 allows local users to gain access through a user resource setting. | ||||
| CVE-1999-0402 | 1 Gnu | 1 Wget | 2026-04-16 | N/A |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | ||||
| CVE-2005-0832 | 1 Php-post | 1 Php-post Web Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-1999-0418 | 2026-04-16 | N/A | ||
| Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection. | ||||
| CVE-2004-0204 | 4 Bea, Borland Software, Businessobjects and 1 more | 9 Weblogic Server, J Builder, Crystal Enterprise and 6 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx. | ||||
| CVE-2005-0842 | 1 Kayako | 1 Esupport | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) _i or (2) _c parameter. | ||||
| CVE-2005-2257 | 1 Phpslash | 1 Phpslash | 2026-04-16 | N/A |
| The saveProfile function in PhpSlash 0.8.0 allows remote attackers to modify arbitrary profiles and gain privileges by modifying the author_id parameter. | ||||
| CVE-1999-0420 | 1 Netbsd | 1 Umapfs | 2026-04-16 | N/A |
| umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program. | ||||
| CVE-2001-1034 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. | ||||
| CVE-1999-0505 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT domain user or administrator account has a guessable password. | ||||
| CVE-1999-0507 | 2026-04-16 | N/A | ||
| An account on a router, firewall, or other network device has a guessable password. | ||||
| CVE-1999-0510 | 2026-04-16 | N/A | ||
| A router or firewall allows source routed packets from arbitrary hosts. | ||||
| CVE-2005-0903 | 1 Apple | 1 Quicktime Pictureviewer | 2026-04-16 | N/A |
| Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data. | ||||
| CVE-2005-2021 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page. | ||||
| CVE-1999-0583 | 2026-04-16 | N/A | ||
| There is a one-way or two-way trust relationship between Windows NT domains. | ||||
| CVE-1999-0584 | 2026-04-16 | N/A | ||
| A Windows NT file system is not NTFS. | ||||
| CVE-1999-0585 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT administrator account has the default name of Administrator. | ||||
| CVE-2004-0215 | 2 Avaya, Microsoft | 5 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 2 more | 2026-04-16 | N/A |
| Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. | ||||