Total
29936 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2928 | 1 Cms-bandits | 1 Cms-bandits | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter in (1) dialogs/img.php and (2) dialogs/td.php. | ||||
| CVE-2006-4420 | 1 Phaos | 1 Phaos | 2026-04-16 | N/A |
| Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 allows remote attackers to include arbitrary local files via ".." sequences in the lang parameter. | ||||
| CVE-2000-0396 | 1 Pacific Software | 1 Carello | 2026-04-16 | N/A |
| The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files. | ||||
| CVE-2000-0419 | 1 Microsoft | 10 Access, Excel, Frontpage and 7 more | 2026-04-16 | N/A |
| The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. | ||||
| CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2026-04-16 | N/A |
| Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | ||||
| CVE-2002-0065 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2026-04-16 | N/A |
| Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry. | ||||
| CVE-2002-1847 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability. | ||||
| CVE-2000-0509 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Buffer overflows in the finger and whois demonstration scripts in Sambar Server 4.3 allow remote attackers to execute arbitrary commands via a long hostname. | ||||
| CVE-2003-0260 | 1 Cisco | 6 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3015 Concentrator and 3 more | 2026-04-16 | N/A |
| Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets. | ||||
| CVE-2005-1637 | 1 Npds | 1 Npds | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php. | ||||
| CVE-2000-0655 | 2 Mozilla, Netscape | 2 Mozilla, Communicator | 2026-04-16 | N/A |
| Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. | ||||
| CVE-2000-0742 | 1 Microsoft | 2 Windows 95, Windows 98 | 2026-04-16 | N/A |
| The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability. | ||||
| CVE-2000-0882 | 1 Intel | 4 Express 510t, Express 520t, Express 550f and 1 more | 2026-04-16 | N/A |
| Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed ICMP packet, which causes the CPU to crash. | ||||
| CVE-2002-0499 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories. | ||||
| CVE-2000-0940 | 1 Metertek | 1 Pagelog.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter. | ||||
| CVE-2000-0982 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability. | ||||
| CVE-2000-0991 | 1 Hilgraeve | 1 Hyperterminal | 2026-04-16 | N/A |
| Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ME, and 2000 allows remote attackers to execute arbitrary commands via a long telnet URL, aka the "HyperTerminal Buffer Overflow" vulnerability. | ||||
| CVE-2000-1010 | 2 Openbsd, Redhat | 2 Openbsd, Linux | 2026-04-16 | N/A |
| Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. | ||||
| CVE-2000-1042 | 1 Mandrakesoft | 1 Mandrake Linux | 2026-04-16 | N/A |
| Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | ||||
| CVE-1999-0174 | 1 Netscape | 1 Communicator | 2026-04-16 | N/A |
| The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||