Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0701 | 1 Imagevue | 1 Imagevue | 2026-04-16 | N/A |
| readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters. | ||||
| CVE-2006-1895 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Direct static code injection vulnerability in includes/template.php in phpBB allows remote authenticated users with write access to execute arbitrary PHP code by modifying a template in a way that (1) bypasses a loose ".*" regular expression to match BEGIN and END statements in overall_header.tpl, or (2) is used in an eval statement by includes/bbcode.php for bbcode.tpl. | ||||
| CVE-2006-2290 | 1 Www.goel.ch | 1 2005-comments-script | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in kommentar.php in 2005-Comments-Script allow remote attackers to inject arbitrary web script or HTML via the (1) id, (2) email, and (3) url parameter. | ||||
| CVE-2001-1290 | 1 Active Web Suite Technologies | 1 Active Classifieds | 2026-04-16 | N/A |
| admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the table_width parameter. | ||||
| CVE-2003-0167 | 1 Mutt | 1 Mutt | 2026-04-16 | N/A |
| Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. | ||||
| CVE-2003-0168 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL. | ||||
| CVE-2006-0703 | 1 Imagevue | 1 Imagevue | 2026-04-16 | N/A |
| Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter. | ||||
| CVE-2003-0169 | 1 Hp | 1 Instant Toptools | 2026-04-16 | N/A |
| hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. | ||||
| CVE-2001-1293 | 1 3com | 1 3cr29223 | 2026-04-16 | N/A |
| Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request. | ||||
| CVE-2003-0170 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2002-1614 | 1 Hp | 2 Hp-ux, Tru64 | 2026-04-16 | N/A |
| Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at. | ||||
| CVE-2003-0172 | 1 Php | 1 Php | 2026-04-16 | N/A |
| Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument. | ||||
| CVE-2003-0173 | 2 Sgi, Xfsdump | 2 Irix, Xfsdump | 2026-04-16 | N/A |
| xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges. | ||||
| CVE-2001-1297 | 1 Actionpoll | 1 Actionpoll | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter. | ||||
| CVE-2006-0704 | 1 Ie | 1 Ie Integrator | 2026-04-16 | N/A |
| iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows remote attackers to obtain sensitive information via a URL that calls a non-existent .aspx script in the integrator/apps directory, which results in an error message that displays the installation path, web server name, IP, and port, session cookie information, and the IIS system username. | ||||
| CVE-2006-1897 | 1 Talentsoft | 1 Web\+ Shop | 2026-04-16 | N/A |
| Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script Not Found" Error is not configured, allows remote attackers to obtain sensitive information via a quote (') or possibly other invalid value in the storeid parameter in store.wml in webplus.exe, which reveals the path in a "Script Not Found" error message. | ||||
| CVE-2001-1307 | 1 Sun | 1 Iplanet Directory Server | 2026-04-16 | N/A |
| Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2003-0177 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently. | ||||
| CVE-2003-0178 | 1 Ibm | 1 Lotus Domino Web Server | 2026-04-16 | N/A |
| Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation. | ||||
| CVE-2001-1311 | 1 Ibm | 1 Lotus Domino R5 | 2026-04-16 | N/A |
| Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||