Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0639 2026-04-16 N/A
The chargen service is running.
CVE-2005-4642 1 Hydrobb 1 Hydrobb 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in HydroBB 1.0.0 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to (1) search.php, (2) members.php, (3) stats.php, (4) viewforum.php, (5) register.php, (6) usercp.php, (7) groups.php, (8) pms.php, and (9) calendar.php.
CVE-1999-0640 2026-04-16 N/A
The Gopher service is running.
CVE-2004-0666 1 Popclient 1 Popclient 2026-04-16 N/A
Off-by-one error in the POP3_readmsg function in popclient 3.0b6 allows remote attackers to cause a denial of service (application crash) via an e-mail message with a certain line length, which leads to a buffer overflow.
CVE-2005-3376 1 Kaspersky Lab 1 Kaspersky Anti-virus 2026-04-16 N/A
Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
CVE-2004-0660 1 Cutephp 1 Cutenews 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter.
CVE-2004-0662 1 Powerportal 1 Powerportal 2026-04-16 N/A
PowerPortal 1.x allows remote attackers to gain sensitive information via invalid or missing parameters in HTTP requests to (1) resize.php or (2) modules.php, which reveals the path in an error message.
CVE-2004-0664 1 Powerportal 1 Powerportal 2026-04-16 N/A
Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directories via a .. (dot dot) in the files parameter.
CVE-1999-0662 2026-04-16 N/A
A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.
CVE-2006-3640 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."
CVE-2004-0707 1 Mozilla 1 Bugzilla 2026-04-16 N/A
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL.
CVE-2004-2462 1 Cplay 1 Cplay 2026-04-16 N/A
cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplay_control temporary file.
CVE-1999-0663 2026-04-16 N/A
A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.
CVE-2005-2415 1 Astalavista It Engineering 1 Contrexx 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) value parameter to the poll module or (2) pId parameter to the gallery module.
CVE-2001-1197 1 Kde 1 Kdeutils 2026-04-16 N/A
klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.
CVE-2005-4661 1 Campware.org 1 Campsite 2026-04-16 N/A
The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
CVE-2004-0720 1 Apple 1 Safari 2026-04-16 N/A
Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVE-2005-4662 1 Ocomon 1 Ocomon 2026-04-16 N/A
Multiple SQL injection vulnerabilities in OcoMon 1.20, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via unknown attack vectors in an unspecified input form, a different vulnerability than CVE-2005-4664.
CVE-2006-1990 2 Php, Redhat 3 Php, Enterprise Linux, Rhel Stronghold 2026-04-16 N/A
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.
CVE-2004-0745 2 Redhat, Tsugio Okamoto 2 Enterprise Linux, Lha 2026-04-16 N/A
LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name.