Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4778 | 1 Cchost | 1 Cchost | 2026-04-16 | N/A |
| SQL injection vulnerability in Creative Commons Tools ccHost before 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URL, which is used to populate the file ID. NOTE: Some details are obtained from third party information. | ||||
| CVE-2006-4781 | 1 Futuresoft | 1 Tftp Server Multithreaded | 2026-04-16 | N/A |
| Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded (MT) 1.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by sending a crafted packet to port 69/UDP, which triggers the overflow when constructing an absolute path name. NOTE: Some details are obtained from third party information. | ||||
| CVE-2004-2437 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the rowstart parameter to (1) index.php or (2) members.php, or (3) the comment_id parameter to comments.php. | ||||
| CVE-2006-4784 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php. | ||||
| CVE-2004-2440 | 1 Proxytunnel | 1 Proxytunnel | 2026-04-16 | N/A |
| Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlier allows local users to obtain proxy credentials (username or password) of other users. | ||||
| CVE-2006-4786 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php and (2) other unspecified vectors involving scheduled backups. | ||||
| CVE-2004-2450 | 1 Gamespy | 4 Roger Wilco, Roger Wilco Dedicated Server, Roger Wilco Graphical Server and 1 more | 2026-04-16 | N/A |
| The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2006-4800 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-16 | N/A |
| Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. | ||||
| CVE-2006-4803 | 1 Netiq | 1 Identity Manager | 2026-04-16 | N/A |
| The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | ||||
| CVE-2004-2454 | 1 Amsn | 1 Amsn | 2026-04-16 | N/A |
| aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml. | ||||
| CVE-2004-2456 | 1 Minibb | 1 Minibb | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. | ||||
| CVE-2005-2175 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. | ||||
| CVE-2000-0851 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability. | ||||
| CVE-2004-2457 | 1 3com | 1 3crwe754g72-a | 2026-04-16 | N/A |
| Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. | ||||
| CVE-2000-0853 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2002-0483 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| index.php for PHP-Nuke 5.4 and earlier allows remote attackers to determine the physical pathname of the web server when the file parameter is set to index.php, which triggers an error message that leaks the pathname. | ||||
| CVE-2004-2467 | 1 Efs Software | 1 Easy Chat Server | 2026-04-16 | N/A |
| chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a large number of fake users, then eventually cause a denial of service (server crash). | ||||
| CVE-2005-2176 | 1 Novell | 1 Netmail | 2026-04-16 | N/A |
| Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. | ||||
| CVE-2000-0854 | 1 Microsoft | 1 Office | 2026-04-16 | N/A |
| When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document. | ||||
| CVE-2004-2475 | 1 Google | 1 Toolbar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability. | ||||