Total
29901 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1955 | 1 Phprofession | 1 Phprofession | 2026-04-16 | N/A |
| SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter. | ||||
| CVE-2002-0831 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end. | ||||
| CVE-2005-0929 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php. | ||||
| CVE-2001-1295 | 1 Grant Averett | 1 Cerberus Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. | ||||
| CVE-2000-1227 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. | ||||
| CVE-2001-1313 | 1 Ibm | 1 Lotus Domino R5 | 2026-04-16 | N/A |
| Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2001-0014 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | ||||
| CVE-2006-3737 | 1 Swsoft | 1 Plesk Control Panel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2001-0324 | 1 Microsoft | 2 Windows 2000, Windows 98 | 2026-04-16 | N/A |
| Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash. | ||||
| CVE-2004-1425 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. | ||||
| CVE-2001-1351 | 2 Namazu, Redhat | 2 Namazu, Linux | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers. | ||||
| CVE-2004-1427 | 1 Korweblog | 1 Korweblog | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2-cvs and earlier allows remote attackers to execute arbitrary PHP code by modifying the G_PATH parameter to reference a URL on a remote web server that contains the code, as demonstrated in index.php when using .. (dot dot) sequences in the lng parameter to cause main.inc to be loaded. | ||||
| CVE-2005-0810 | 1 Notify Technology | 1 Notifylink | 2026-04-16 | N/A |
| SQL injection vulnerability in NotifyLink before 3.0 allows remote attackers to execute arbitrary SQL commands via the URL. | ||||
| CVE-2001-1360 | 1 Mostang | 1 Sane | 2026-04-16 | N/A |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | ||||
| CVE-2001-1369 | 1 Leon J Breedt | 1 Pam-pgsql | 2026-04-16 | N/A |
| Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields. | ||||
| CVE-2001-0529 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack. | ||||
| CVE-2002-0867 | 1 Microsoft | 1 Virtual Machine | 2026-04-16 | N/A |
| Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw." | ||||
| CVE-1999-0347 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character. | ||||
| CVE-2002-0878 | 1 Logisense | 2 Dns Manager System, Hawk-i | 2026-04-16 | N/A |
| SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote attackers to bypass authentication via SQL code in the password field. | ||||
| CVE-2001-1390 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages. | ||||