Total
29936 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0580 | 1 Krzysztof Dabrowski | 1 Cmd5checkpw | 2026-04-16 | N/A |
| cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file. | ||||
| CVE-2001-0034 | 1 Kth | 1 Kth Kerberos | 2026-04-16 | N/A |
| KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges. | ||||
| CVE-2005-1245 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-1437 | 1 Osticket | 1 Osticket | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in osTicket allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php. | ||||
| CVE-2005-1865 | 1 Vincent Hor | 1 Calendarix Advanced | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 allow remote attackers to execute arbitrary SQL commands via the catview parameter to (1) cal_week.php, (2) cal_cat.php, or (3) cal_day.php, or (4) id parameter to cal_pophols.php. | ||||
| CVE-2001-0075 | 1 Technote Inc | 1 Technote | 2026-04-16 | N/A |
| Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter. | ||||
| CVE-2001-0106 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server. | ||||
| CVE-2005-0418 | 1 Sun | 1 J2se | 2026-04-16 | N/A |
| Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836. | ||||
| CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2026-04-16 | N/A |
| Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | ||||
| CVE-2005-0589 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability. | ||||
| CVE-2001-0133 | 1 Trend Micro | 1 Interscan Viruswall | 2026-04-16 | N/A |
| The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords. | ||||
| CVE-2001-0166 | 1 Macromedia | 1 Shockwave Flash Plugin | 2026-04-16 | N/A |
| Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. | ||||
| CVE-2004-0987 | 2 Yard Radius, Yard Radius Project | 2 Yard Radius, Yard Radius | 2026-04-16 | N/A |
| Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code. | ||||
| CVE-2001-0184 | 1 Eeye Digital Security | 1 Iris | 2026-04-16 | N/A |
| eEye Iris 1.01 beta allows remote attackers to cause a denial of service via a malformed packet, which causes Iris to crash when a user views the packet. | ||||
| CVE-2005-0594 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code. | ||||
| CVE-2001-0200 | 1 Heat-on Software | 1 Hsweb | 2026-04-16 | N/A |
| HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled. | ||||
| CVE-2001-0251 | 1 Netscape | 1 Enterprise Server | 2026-04-16 | N/A |
| The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command. | ||||
| CVE-2005-1883 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter. | ||||
| CVE-2005-0460 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter. | ||||
| CVE-2005-0599 | 1 Cisco | 1 Application And Content Networking Software | 2026-04-16 | N/A |
| Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets. | ||||