Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-0651 1 Projectbb 1 Projectbb 2026-04-16 N/A
Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to execute arbitrary SQL commands via (1) liste or (2) desc parameters to divers.php (incorrectly referred to as "drivers.php" by some sources), (3) the search feature text area, (4) post name in the post creation feature, (5) City, (6) Homepage, (7) ICQ, (8) AOL, (9) Yahoo!, (10) MSN, or (11) e-mail fields in the profile feature or (12) the new field in the moderator section.
CVE-2005-2569 1 Funkboard 1 Funkboard 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
CVE-2005-1449 1 S9y 1 Serendipity 2026-04-16 N/A
Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact.
CVE-2004-0729 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows parameter to index.php, (2) faq parameter to faq.php, or (3) ranksrow parameter to profile.php, which reveal the full path in an error message.
CVE-2004-0807 6 Conectiva, Mandrakesoft, Redhat and 3 more 6 Linux, Mandrake Linux, Enterprise Linux and 3 more 2026-04-16 N/A
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
CVE-2004-0761 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
CVE-2004-0754 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
CVE-2004-0736 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message.
CVE-2004-0728 1 Microsoft 1 Systems Management Server 2026-04-16 N/A
The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to cause a denial of service (crash) via a data packet to TCP port 2702 that causes the server to read or write to an invalid memory address.
CVE-2003-0349 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.
CVE-2004-0714 1 Cisco 3 Ios, Ons 15454e Optical Transport Platform, Optical Networking Systems Software 2026-04-16 N/A
Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).
CVE-2004-0712 1 Bea 1 Weblogic Server 2026-04-16 N/A
The configuration tools (1) config.sh in Unix or (2) config.cmd in Windows for BEA WebLogic Server 8.1 through SP2 create a log file that contains the administrative username and password in cleartext, which could allow local users to gain privileges.
CVE-2004-0710 1 Cisco 1 Ios 2026-04-16 N/A
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
CVE-2003-0695 2 Openbsd, Redhat 3 Openssh, Enterprise Linux, Linux 2026-04-16 N/A
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693.
CVE-2003-0987 2 Apache, Redhat 4 Http Server, Enterprise Linux, Rhel Stronghold and 1 more 2026-04-16 N/A
mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
CVE-2000-0191 1 Axis 1 Storpoint Cd 2026-04-16 N/A
Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.
CVE-2002-0566 1 Oracle 4 Application Server, Application Server Web Cache, Oracle8i and 1 more 2026-04-16 N/A
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type.
CVE-2004-0116 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.
CVE-2002-1219 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2026-04-16 N/A
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
CVE-2006-4957 1 The Myreview System 1 Myreview 2026-04-16 N/A
SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to execute arbitrary SQL commands via the email parameter to Admin.php.