Total
29933 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4432 | 1 Playsms | 1 Playsms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PlaySMS 0.8 allows remote attackers to inject arbitrary web script or HTML via the err parameter. | ||||
| CVE-2005-4450 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.7.0 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag to server_privileges.php, as demonstrated using the dbname and checkprivs parameters. NOTE: the provenance of this issue is unknown, although third parties imply that it is related to the disclosure of CVE-2005-4349, which was labeled as SQL injection but disputed. | ||||
| CVE-2006-4587 | 1 Vtiger | 1 Vtiger Crm | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 4.2.4, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) description parameter in unspecified modules or the (2) solution parameter in the HelpDesk module. | ||||
| CVE-2006-4593 | 1 Softbb | 1 Softbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2005-4519 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the manage user page (manage_user_page.php) in Mantis 1.0.0rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) prefix and (2) sort parameters to the manage user page (manage_user_page.php), or (3) the sort parameter to view_all_set.php. | ||||
| CVE-2006-4598 | 1 Sslinks | 1 Sslinks | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in links.php in ssLinks 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) go parameter and (2) id parameter in a rate action. | ||||
| CVE-2005-4520 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and earlier have unknown impact and attack vectors. NOTE: due to a lack of relevant details in the vendor changelog, which is the source of this description, it is unclear whether this is a duplicate of another CVE. | ||||
| CVE-2006-4600 | 2 Openldap, Redhat | 2 Openldap, Enterprise Linux | 2026-04-16 | N/A |
| slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN). | ||||
| CVE-2001-0409 | 1 Vim Development Group | 1 Vim | 2026-04-16 | N/A |
| vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory. | ||||
| CVE-2001-0417 | 1 Mit | 2 Kerberos, Kerberos 5 | 2026-04-16 | N/A |
| Kerberos 4 (aka krb4) allows local users to overwrite arbitrary files via a symlink attack on new ticket files. | ||||
| CVE-2001-0420 | 1 Way To The Web | 1 Talkback | 2026-04-16 | N/A |
| Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter. | ||||
| CVE-2001-0423 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093. | ||||
| CVE-2001-0431 | 1 Iplanet | 1 Iplanet Web Server | 2026-04-16 | N/A |
| Vulnerability in iPlanet Web Server Enterprise Edition 4.x. | ||||
| CVE-2001-0437 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2026-04-16 | N/A |
| upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file. | ||||
| CVE-2001-0441 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2026-04-16 | N/A |
| Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. | ||||
| CVE-2001-0456 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended. | ||||
| CVE-2001-0465 | 1 Intuit | 1 Turbo Tax | 2026-04-16 | N/A |
| TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information. | ||||
| CVE-2001-0477 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| Vulnerability in WebCalendar 0.9.26 allows remote command execution. | ||||
| CVE-2005-1543 | 1 Novell | 5 Zenworks, Zenworks Desktops, Zenworks Remote Management and 2 more | 2026-04-16 | N/A |
| Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests. | ||||
| CVE-2001-0515 | 1 Oracle | 2 Database Server, Oracle8i | 2026-04-16 | N/A |
| Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value. | ||||