Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0679 | 1 Unreal | 1 Unrealircd | 2026-04-16 | N/A |
| The IP cloaking feature (cloak.c) in UnrealIRCd 3.2, and possibly other versions, uses a weak hashing scheme to hide IP addresses, which could allow remote attackers to use brute force methods to gain other user's IP addresses. | ||||
| CVE-2006-1534 | 1 Null News | 1 Null News | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via (1) the user_email parameter in (a) lostpass.php, and the (2) user_email and (3) user_username parameters in (b) sub.php and (c) unsub.php. | ||||
| CVE-2002-2037 | 1 Cisco | 5 Bams, Pgw 2200, Sc2200 and 2 more | 2026-04-16 | N/A |
| The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities. | ||||
| CVE-2006-2147 | 1 Resmgr | 1 Resmgrd | 2026-04-16 | N/A |
| resmgrd in resmgr for SUSE Linux and other distributions does not properly handle when access to a USB device is granted by using "usb:<bus>,<dev>" notation, which grants access to all USB devices and allows local users to bypass intended restrictions. NOTE: this is a different vulnerability than CVE-2005-4788. | ||||
| CVE-2005-4618 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified. | ||||
| CVE-2006-2155 | 1 Emc | 1 Retrospect | 2026-04-16 | N/A |
| EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions. | ||||
| CVE-2005-4622 | 1 Efilego | 1 Efilego | 2026-04-16 | N/A |
| Directory traversal vulnerability in eFileGo 3.01 allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... (triple dot) in (1) the URL on port 608 and (2) the argument to upload.exe. | ||||
| CVE-2002-2045 | 1 Xqus | 1 X-stat | 2026-04-16 | N/A |
| x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message. | ||||
| CVE-2004-0734 | 1 Extropia | 1 Extropia Webstore | 2026-04-16 | N/A |
| Web_Store.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | ||||
| CVE-2006-2158 | 1 Stadtaus | 1 Guestbook Script | 2026-04-16 | N/A |
| Dynamic variable evaluation vulnerability in index.php in Stadtaus Guestbook Script 1.7 and earlier, when register_globals is enabled, allows remote attackers to modify arbitrary program variables via parameters, which are evaluated as PHP variable variables, as demonstrated by performing PHP remote file inclusion using the include_files array parameter. | ||||
| CVE-2004-0741 | 1 Lionmax Software | 1 Www File Share Pro | 2026-04-16 | N/A |
| LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow. | ||||
| CVE-2004-0764 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | ||||
| CVE-2005-4631 | 1 Ryan Lath | 1 Zina | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2002-2074 | 1 Erwin Lansing | 1 Mailidx | 2026-04-16 | N/A |
| SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary SQL commands via the search web page. | ||||
| CVE-2005-4643 | 1 Antharia | 1 Oncontent Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Antharia OnContent // CMS allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it is not clear, but this might be an application service provider, in which case it might be excluded from CVE. | ||||
| CVE-2006-2163 | 1 Desert Dog Software | 1 Pinnacle Cart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart 3.33 and earlier allows remote attackers to inject arbitrary web script or HTML via the setbackurl parameter. | ||||
| CVE-2002-2093 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin. | ||||
| CVE-2006-2168 | 1 Fileprotection Express | 1 Fileprotection Express | 2026-04-16 | N/A |
| FileProtection Express 1.0.1 and earlier allows remote attackers to bypass authentication via a cookie with an Admin value of 1. | ||||
| CVE-2002-2116 | 1 Netgear | 2 Rm356, Rt338 | 2026-04-16 | N/A |
| Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap. | ||||
| CVE-2005-4652 | 1 Phlymail | 1 Phlymail | 2026-04-16 | N/A |
| SQL injection vulnerability in PHlyMail 3.02.01 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||