Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4497 | 1 Iwebnegar | 1 Iwebnegar | 2026-04-16 | N/A |
| SQL injection vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2001-0151 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests. | ||||
| CVE-2002-0968 | 1 Analogx | 1 Simpleserver Www | 2026-04-16 | N/A |
| Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name. | ||||
| CVE-2006-0985 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) website, and (3) comment parameters. | ||||
| CVE-2005-0124 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow. | ||||
| CVE-2006-3022 | 1 Fipsasp | 1 Fipsgallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter. | ||||
| CVE-2005-1528 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LD_LIBRARY_PATH environment variable that references a malicious library. | ||||
| CVE-2001-0032 | 1 Eric Rescorla | 1 Ssldump | 2026-04-16 | N/A |
| Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privileges via malicious format string specifiers in a URL. | ||||
| CVE-2005-2797 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality. | ||||
| CVE-2005-4659 | 1 Ipcop | 1 Ipcop | 2026-04-16 | N/A |
| IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from this backup. | ||||
| CVE-2006-0107 | 1 Idea Development Id Oy | 1 Timecan Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in Timecan CMS allows remote attackers to execute arbitrary SQL commands via the viewID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Due to the unavailability of the original source, it cannot be determined if this is the same issue as identified by CVE-2006-0108. | ||||
| CVE-2005-3188 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476. | ||||
| CVE-2005-4666 | 1 Phlymail | 1 Phlymail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 allows remote attackers to inject arbitrary Javascript via unknown attack vectors. | ||||
| CVE-2001-0155 | 1 Van Dyke Technologies | 1 Vshell | 2026-04-16 | N/A |
| Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers. | ||||
| CVE-2006-3069 | 1 Iglooweb | 1 Doublespeak | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in DoubleSpeak 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the config[private] parameter in multiple files, as demonstrated by (1) index.php, (2) faq.php, and (3) hardware.php. NOTE: this issue has been disputed by multiple third-party researchers, who state that config[private] is initialized in an include file before being used | ||||
| CVE-2001-0075 | 1 Technote Inc | 1 Technote | 2026-04-16 | N/A |
| Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter. | ||||
| CVE-2001-0157 | 1 Palm | 1 Palm Os | 2026-04-16 | N/A |
| Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled. | ||||
| CVE-2000-0684 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file. | ||||
| CVE-2001-0170 | 4 Conectiva, Debian, Immunix and 1 more | 4 Linux, Debian Linux, Immunix and 1 more | 2026-04-16 | N/A |
| glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | ||||
| CVE-2001-0171 | 1 Whitsoft | 1 Slimserve | 2026-04-16 | N/A |
| Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request. | ||||