Total
29945 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1640 | 1 Oracle | 1 Configurator | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet. | ||||
| CVE-2002-1642 | 1 Postgresql | 1 Postgresql | 2026-04-16 | N/A |
| PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log (pg_clog) data and cause a denial of service (data loss) via the VACUUM command. | ||||
| CVE-2002-1645 | 1 Ssh | 1 Ssh2 | 2026-04-16 | N/A |
| Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2002-1648 | 1 Squirrelmail | 1 Squirrelmail | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters. | ||||
| CVE-2005-4059 | 1 Locazo | 1 Locazolist | 2026-04-16 | N/A |
| SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter. | ||||
| CVE-2002-1649 | 1 Squirrelmail | 1 Squirrelmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in read_body.php in SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary Javascript via a javascript: URL in an IMG tag. | ||||
| CVE-2004-0994 | 2 Debian, Zgv | 3 Debian Linux, Xzgv Image Viewer, Zgv Image Viewer | 2026-04-16 | N/A |
| Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct. | ||||
| CVE-2004-0996 | 4 Cscope, Debian, Gentoo and 1 more | 4 Cscope, Debian Linux, Linux and 1 more | 2026-04-16 | N/A |
| main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2002-1653 | 1 Farm9 | 1 Cryptcat | 2026-04-16 | N/A |
| Farm9 Cryptcat, when started in server mode with the -e option, does not enable encryption, which allows clients to communicate without encryption despite intended configuration, and may allow remote attackers to sniff sensitive information. | ||||
| CVE-2002-1656 | 1 Xqus | 1 X-news | 2026-04-16 | N/A |
| X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie. | ||||
| CVE-2005-4079 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers to exploit other vulnerabilities in phpMyAdmin by modifying the import_blacklist variable in grab_globals.php, which can then be used to overwrite other variables. | ||||
| CVE-2004-0999 | 1 Zgv | 1 Zgv Image Viewer | 2026-04-16 | N/A |
| zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF images. | ||||
| CVE-2002-1661 | 1 Leafnode | 1 Leafnode | 2026-04-16 | N/A |
| The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group. | ||||
| CVE-2005-4081 | 1 Alisveristr | 1 Alisveristr E-commerce | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands via the username and password parameters in (1) the user login and (2) administrator login pages. | ||||
| CVE-2002-1662 | 1 Mambo | 1 Mambo Site Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote attackers to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration. | ||||
| CVE-2005-4084 | 1 Phpbb Styles | 1 Phpbb Extreme Styles | 2026-04-16 | N/A |
| xs_edit.php in the phpBB eXtreme Styles module 2.2.1 and earlier allows remote attackers to obtain the installation path of the application via an invalid viewbackup parameter. | ||||
| CVE-2005-4091 | 1 1-script | 1 1-search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script 1-Search 1.8 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2002-1668 | 1 Hp | 3 Hp-ux, Hp-ux Series 700, Hp-ux Series 800 | 2026-04-16 | N/A |
| HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a "file system weakness" that is possibly via an mmap() system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file. | ||||
| CVE-2002-1671 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. | ||||
| CVE-2005-4135 | 1 Simplemedia | 1 Simplebbs | 2026-04-16 | N/A |
| Direct static code injection vulnerability in includes/newtopic.php in SimpleBBS 1.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the Host header (possibly the name parameter or variable), which is then written to data/topics.php. | ||||