Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0679 1 Unreal 1 Unrealircd 2026-04-16 N/A
The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashing scheme to hide IP addresses, which could allow remote attackers to use brute force methods to gain other user's IP addresses.
CVE-2006-1534 1 Null News 1 Null News 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via (1) the user_email parameter in (a) lostpass.php, and the (2) user_email and (3) user_username parameters in (b) sub.php and (c) unsub.php.
CVE-2002-2037 1 Cisco 5 Bams, Pgw 2200, Sc2200 and 2 more 2026-04-16 N/A
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
CVE-2006-2147 1 Resmgr 1 Resmgrd 2026-04-16 N/A
resmgrd in resmgr for SUSE Linux and other distributions does not properly handle when access to a USB device is granted by using "usb:<bus>,<dev>" notation, which grants access to all USB devices and allows local users to bypass intended restrictions. NOTE: this is a different vulnerability than CVE-2005-4788.
CVE-2005-4618 1 Linux 1 Linux Kernel 2026-04-16 N/A
Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.
CVE-2006-2155 1 Emc 1 Retrospect 2026-04-16 N/A
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions.
CVE-2005-4622 1 Efilego 1 Efilego 2026-04-16 N/A
Directory traversal vulnerability in eFileGo 3.01 allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... (triple dot) in (1) the URL on port 608 and (2) the argument to upload.exe.
CVE-2002-2045 1 Xqus 1 X-stat 2026-04-16 N/A
x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message.
CVE-2004-0734 1 Extropia 1 Extropia Webstore 2026-04-16 N/A
Web_Store.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
CVE-2006-2158 1 Stadtaus 1 Guestbook Script 2026-04-16 N/A
Dynamic variable evaluation vulnerability in index.php in Stadtaus Guestbook Script 1.7 and earlier, when register_globals is enabled, allows remote attackers to modify arbitrary program variables via parameters, which are evaluated as PHP variable variables, as demonstrated by performing PHP remote file inclusion using the include_files array parameter.
CVE-2004-0741 1 Lionmax Software 1 Www File Share Pro 2026-04-16 N/A
LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow.
CVE-2004-0764 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
CVE-2005-4631 1 Ryan Lath 1 Zina 2026-04-16 N/A
SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2002-2074 1 Erwin Lansing 1 Mailidx 2026-04-16 N/A
SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary SQL commands via the search web page.
CVE-2005-4643 1 Antharia 1 Oncontent Cms 2026-04-16 N/A
SQL injection vulnerability in index.php in Antharia OnContent // CMS allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it is not clear, but this might be an application service provider, in which case it might be excluded from CVE.
CVE-2006-2163 1 Desert Dog Software 1 Pinnacle Cart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart 3.33 and earlier allows remote attackers to inject arbitrary web script or HTML via the setbackurl parameter.
CVE-2002-2093 1 Sgi 1 Irix 2026-04-16 N/A
The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.
CVE-2006-2168 1 Fileprotection Express 1 Fileprotection Express 2026-04-16 N/A
FileProtection Express 1.0.1 and earlier allows remote attackers to bypass authentication via a cookie with an Admin value of 1.
CVE-2002-2116 1 Netgear 2 Rm356, Rt338 2026-04-16 N/A
Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap.
CVE-2005-4652 1 Phlymail 1 Phlymail 2026-04-16 N/A
SQL injection vulnerability in PHlyMail 3.02.01 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.