Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0593 | 1 Anaconda Partners | 1 Clipper | 2026-04-16 | N/A |
| Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the template parameter. | ||||
| CVE-2005-0439 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-16 | N/A |
| Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names. | ||||
| CVE-2005-0440 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-16 | N/A |
| ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL. | ||||
| CVE-2001-0603 | 1 Lotus | 1 Domino R5 Server | 2026-04-16 | N/A |
| Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148. | ||||
| CVE-2005-0443 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message. | ||||
| CVE-2005-0446 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure. | ||||
| CVE-2005-0454 | 1 Codeworx Technologies | 1 Dcp-portal | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the lcat, doc, or uid parameters to index.php, or (2) the mid or bid parameters to forums.php. | ||||
| CVE-2005-1895 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back parameters to (1) help.php or (2) footer.php. | ||||
| CVE-2005-0465 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. | ||||
| CVE-2005-1902 | 1 E-post Corporation | 1 Spa-pro Mail Atsolomon | 2026-04-16 | N/A |
| Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. sequences in the (1) SELECT, (2) CREATE, (3) DELETE, and (4) RENAME commands. | ||||
| CVE-2005-2218 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The device file system (devfs) in FreeBSD 5.x does not properly check parameters of the node type when creating a device node, which makes hidden devices available to attackers, who can then bypass restrictions on a jailed process. | ||||
| CVE-2005-0469 | 2 Ncsa, Redhat | 2 Telnet, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. | ||||
| CVE-2005-1903 | 1 E-post Corporation | 1 Spa-pro Mail Atsolomon | 2026-04-16 | N/A |
| Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command. | ||||
| CVE-2005-0471 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names. | ||||
| CVE-2001-0623 | 1 Sendfile | 1 Sendfile | 2026-04-16 | N/A |
| sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges. | ||||
| CVE-2001-0625 | 1 Broadcom | 1 Inoculateit | 2026-04-16 | N/A |
| ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log . | ||||
| CVE-2001-0630 | 1 Mimanet | 1 Source Viewer | 2026-04-16 | N/A |
| Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the 'loc' variable. | ||||
| CVE-2001-0632 | 1 Sun | 1 Chilisoft | 2026-04-16 | N/A |
| Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges. | ||||
| CVE-2002-0615 | 1 Microsoft | 2 Excel, Office | 2026-04-16 | N/A |
| The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation". | ||||
| CVE-2005-0491 | 1 Knox Software | 1 Arkeia Server Backup | 2026-04-16 | N/A |
| Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request. | ||||