Total
29935 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0543 | 2 Openssl, Redhat | 4 Openssl, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. | ||||
| CVE-1999-0954 | 1 Matt Wright | 1 Wwwboard | 2026-04-16 | N/A |
| WWWBoard has a default username and default password. | ||||
| CVE-2002-0915 | 1 Harald Hoyer | 2 Autorun, Xandros Desktop Os | 2026-04-16 | N/A |
| autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file. | ||||
| CVE-1999-0959 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-1999-0966 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. | ||||
| CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2026-04-16 | N/A |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | ||||
| CVE-2002-0922 | 1 Cgiscript.net | 1 Csnews | 2026-04-16 | N/A |
| CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb. | ||||
| CVE-2003-0551 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service. | ||||
| CVE-2002-0929 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests. | ||||
| CVE-1999-1005 | 2 Netscape, Novell | 2 Enterprise Server, Groupwise | 2026-04-16 | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. | ||||
| CVE-1999-1010 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. | ||||
| CVE-2005-3445 | 1 Oracle | 2 Application Server, Database Server | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05. | ||||
| CVE-2005-3458 | 1 Oracle | 1 E-business Suite | 2026-04-16 | N/A |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.9 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS19 in Workflow Cartridge. | ||||
| CVE-2006-2797 | 1 Phpcommunitycalendar | 1 Phpcommunitycalendar | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) CalendarDetailsID parameter in (a) month.php, (b) day.php, and (c) delCalendar.php; (2) ID parameter in (d) event.php; (3) AdminUserID parameter in (e) delAdmin.php; (4) EventLocationID parameter in (f) delAddress.php; and (5) LocationID parameter in (g) delCategory.php. | ||||
| CVE-2005-3469 | 1 News2net | 1 News2net | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in News2Net 3.0.0.0 allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2006-2817 | 1 Tekno.portal | 1 Tekno.portal | 2026-04-16 | N/A |
| SQL injection vulnerability in bolum.php in tekno.Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-3474 | 1 Sony | 1 First4internet Xcp Content Management | 2026-04-16 | N/A |
| The aries.sys driver in Sony First4Internet XCP DRM software hides any file, registry key, or process with a name that starts with "$sys$", which allows attackers to hide activities on a system that uses XCP. | ||||
| CVE-2006-3944 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via a (1) Forms.ListBox.1 or (2) Forms.ListBox.1 object with the ListWidth property set to (a) 0x7fffffff, which triggers an integer overflow exception, or to (b) 0x7ffffffe, which triggers a null dereference. | ||||
| CVE-2006-2820 | 1 Hotwebscripts | 1 Weblog Oggi | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in HotWebScripts.com Weblog Oggi 1.0 allows remote attackers to inject arbitrary web script or HTML via a comment, possibly involving a javascript URI in the SRC attribute of an IMG element. | ||||
| CVE-2005-3480 | 1 Ringtail | 1 Casebook | 2026-04-16 | N/A |
| login.asp in Ringtail CaseBook 6.1.0 displays different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames. | ||||