Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1941 | 1 Radiobird Software | 1 Web Server 4 Everyone | 2026-04-16 | N/A |
| Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request with the Host header set. | ||||
| CVE-2005-4492 | 1 Starphire Technologies | 5 Sitesage, Sitesage-ee, Sitesage-le and 2 more | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norelay_highlight_words parameter. | ||||
| CVE-2006-1482 | 1 Conftool | 1 Conftool | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2004-1080 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability." | ||||
| CVE-2006-1484 | 1 Kye | 1 Genius Videocam Nb | 2026-04-16 | N/A |
| Genius VideoCAM NB Driver does not drop privileges when saving files, which allows local users to gain privileges by opening arbitrary files via the "save as" dialog. | ||||
| CVE-2002-1943 | 1 Safetp | 1 Safetp Server | 2026-04-16 | N/A |
| SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request. | ||||
| CVE-2004-1084 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles. | ||||
| CVE-2004-1089 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users. | ||||
| CVE-2002-1951 | 1 Goahead Software | 1 Goahead Webserver | 2026-04-16 | N/A |
| Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. | ||||
| CVE-2005-4497 | 1 Tangora | 1 Tangora Portal Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Tangora Portal CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter in a search page, as demonstrated using (1) page1631.aspx and (2) page496.aspx. | ||||
| CVE-2006-1489 | 1 Fusionzone | 1 Couponzone | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters. | ||||
| CVE-2002-1960 | 1 Cybozu | 1 Share360 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows remote attackers to inject arbitrary web script or HTML via an HTML link. | ||||
| CVE-2002-1962 | 1 Finjan Software | 1 Surfingate | 2026-04-16 | N/A |
| Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname. | ||||
| CVE-2006-2120 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-04-16 | N/A |
| The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read. | ||||
| CVE-2002-1965 | 1 Imatix | 1 Xitami | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated via an onerror event in an IMG SRC tag or (2) User-Agent field in an HTTP GET request. | ||||
| CVE-2002-1966 | 1 My Postcards | 1 My Postcards Platinum | 2026-04-16 | N/A |
| Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2005-4499 | 1 Cisco | 21 Adaptive Security Appliance Software, Pix Asa Ids, Pix Firewall and 18 more | 2026-04-16 | N/A |
| The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. | ||||
| CVE-2006-1497 | 1 Vihor | 1 Vihordesign | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in ViHor Design allows remote attackers to read arbitrary files via the page parameter. | ||||
| CVE-2006-2121 | 1 I-rater | 1 I-rater Platinum | 2026-04-16 | N/A |
| PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929. | ||||
| CVE-2005-4501 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer. | ||||