Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1107 | 1 Mcafee | 1 Internet Security Suite | 2026-04-16 | N/A |
| McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files. | ||||
| CVE-2004-2574 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction. | ||||
| CVE-2003-1476 | 1 Cerberus | 1 Ftp Server | 2026-04-16 | N/A |
| Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access. | ||||
| CVE-2005-1114 | 2 Phpbb Group, Smartor | 2 Phpbb, Photo Album | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters. | ||||
| CVE-2004-2575 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | N/A |
| phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain sensitive information via a direct request to (1) hook_admin.inc.php, (2) hook_home.inc.php, (3) class.holidaycalc.inc.php, and (4) setup.inc.php.sample, which reveals the path in an error message. | ||||
| CVE-2004-0004 | 1 Openca | 1 Openca | 2026-04-16 | N/A |
| The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer's certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if the certificate's chain is trusted by OpenCA's chain directory, allowing remote attackers to spoof requests from other users. | ||||
| CVE-2005-1001 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via direct requests to (1) the Surveys module with the file parameter set to comments or (2) 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message. | ||||
| CVE-2004-0032 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter. | ||||
| CVE-2005-1002 | 1 Logics Software | 1 Log-ft | 2026-04-16 | N/A |
| logwebftbs2000.exe in Logics Software File Transfer (LOG-FT) allows remote attackers to read arbitrary files via modified (1) VAR_FT_LANG and (2) VAR_FT_TMPL parameters. | ||||
| CVE-2004-2577 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | N/A |
| The acl_check function in phpGroupWare 0.9.16RC2 always returns True, even when mkdir does not behave as expected, which could allow remote attackers to obtain sensitive information via WebDAV from users' home directories that lack .htaccess files, and possibly has other unknown impacts. | ||||
| CVE-2004-0036 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter. | ||||
| CVE-2004-0037 | 1 Opentext | 1 Opentext Firstclass Desktop Client | 2026-04-16 | N/A |
| FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. | ||||
| CVE-1999-1038 | 1 Tamu | 1 Tiger | 2026-04-16 | N/A |
| Tiger 2.2.3 allows local users to overwrite arbitrary files via a symlink attack on various temporary files in Tiger's default working directory, as defined by the WORKDIR variable. | ||||
| CVE-1999-1042 | 1 Cisco | 1 Resource Manager | 2026-04-16 | N/A |
| Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings. | ||||
| CVE-2004-0038 | 1 Mcafee | 1 Epolicy Orchestrator | 2026-04-16 | N/A |
| McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81. | ||||
| CVE-2004-0043 | 1 Yahoo | 1 Messenger | 2026-04-16 | N/A |
| Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download feature. | ||||
| CVE-2004-0046 | 1 Snapstream | 1 Snapstream Pvs | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' (double quote) character. | ||||
| CVE-1999-1079 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. | ||||
| CVE-2003-1521 | 1 Sun | 1 Java Plug-in | 2026-04-16 | N/A |
| Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. | ||||
| CVE-2003-1527 | 2 Ibm, Iss | 2 Internet Security Systems Blackice Defender, Blackice Server Protection | 2026-04-16 | N/A |
| BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | ||||