Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0834 | 1 Sco | 2 Open Unix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | ||||
| CVE-2001-0378 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. | ||||
| CVE-2003-0839 | 1 Microsoft | 1 Windows 2003 Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. | ||||
| CVE-2006-0190 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors, possibly involving functions from the mm driver. | ||||
| CVE-2001-0383 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication. | ||||
| CVE-2003-0841 | 1 Oracle | 1 Peopletools | 2026-04-16 | N/A |
| The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the web document root, which allows remote attackers to steal search results by directly accessing the files via a URL request. | ||||
| CVE-2001-0387 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows local users to gain privileges via the -q command line argument. | ||||
| CVE-2006-1704 | 1 Hubert Plisson | 1 Sire | 2026-04-16 | N/A |
| Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php. | ||||
| CVE-2003-0843 | 1 Dag Apt Repository | 1 Mod Gzip | 2026-04-16 | N/A |
| Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header. | ||||
| CVE-2001-0392 | 1 Navision | 1 Financials Server | 2026-04-16 | N/A |
| Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to crash. | ||||
| CVE-2006-0193 | 1 Positive Software | 1 H-sphere | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Hosting Control Panel (psoft.hsphere.CP) in Positive Software H-Sphere 2.4.3 Patch 8 and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter in a login action. | ||||
| CVE-2003-0853 | 3 Gnu, Redhat, Washington University | 4 Fileutils, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | ||||
| CVE-2003-0854 | 3 Gnu, Redhat, Washington University | 4 Fileutils, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | ||||
| CVE-2003-0855 | 2 Charles Kerr, Redhat | 3 Pan, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address. | ||||
| CVE-2006-0194 | 1 Fog Creek Software | 1 Fogbugz | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in FogBugz 4.029, and other versions before 4.0.33, allows remote attackers to inject arbitrary web script or HTML via the dest parameter in the pgLogon page. | ||||
| CVE-2006-1706 | 1 Kansok Communications | 1 Shopweezle | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) itemID parameter to (a) login.php and (b) memo.php; and the (2) itemgr, (3) brandID, and (4) album parameters to (c) index.php. NOTE: this issue also produces resultant full path disclosure from invalid SQL queries. | ||||
| CVE-2006-1707 | 1 Kansok Communications | 1 Shopweezle | 2026-04-16 | N/A |
| index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter. | ||||
| CVE-2003-0859 | 5 Gnu, Intel, Quagga and 2 more | 8 Glibc, Zebra, Ia64 and 5 more | 2026-04-16 | N/A |
| The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | ||||
| CVE-2001-0406 | 2 Redhat, Samba | 2 Linux, Samba | 2026-04-16 | N/A |
| Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. | ||||
| CVE-2003-0863 | 1 Php | 1 Php | 2026-04-16 | N/A |
| The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications. | ||||