Total
29901 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2342 | 1 Rim | 2 Blackberry Enterprise Server, Blackberry Router | 2026-04-16 | N/A |
| Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets. | ||||
| CVE-2002-1431 | 1 Belkin | 1 F5d5230-4 4-port Cable Dsl Gateway Router | 2026-04-16 | N/A |
| Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server. | ||||
| CVE-2006-1429 | 1 Fusionzone | 1 Classifiedzone | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in accountlogon.cfm in classifiedZONE 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rtn parameter. | ||||
| CVE-2002-0497 | 1 Mtr | 1 Mtr | 2026-04-16 | N/A |
| Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable. | ||||
| CVE-2005-3337 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0.19.3 allow remote attackers to inject arbitrary web script or HTML via (1) unknown vectors involving Javascript and (2) mantis/view_all_set.php. | ||||
| CVE-2002-0521 | 1 Asp-nuke | 1 Asp-nuke | 2026-04-16 | N/A |
| Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp. | ||||
| CVE-2005-0976 | 3 Apple, Hmdt, Omnigroup | 3 Safari, Shiira, Omniweb | 2026-04-16 | N/A |
| AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs. | ||||
| CVE-2004-2117 | 1 Tinyserver | 1 Tinyserver | 2026-04-16 | N/A |
| Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version. | ||||
| CVE-2005-4197 | 1 Nortel | 1 Ssl Vpn | 2026-04-16 | N/A |
| tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet. | ||||
| CVE-2002-0565 | 1 Oracle | 3 Application Server, Application Server Web Cache, Oracle9i | 2026-04-16 | N/A |
| Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with world-readable permissions under the web root, which allows remote attackers to obtain sensitive information derived from the JSP code, including usernames and passwords, via a direct HTTP request to _pages. | ||||
| CVE-2002-1496 | 1 Nulllogic | 1 Null Httpd | 2026-04-16 | N/A |
| Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header. | ||||
| CVE-2002-0577 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | ||||
| CVE-2004-1542 | 1 Raven Software | 1 Soldier Of Fortune | 2026-04-16 | N/A |
| Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply. | ||||
| CVE-2005-0980 | 1 Alstrasoft | 1 Epay | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-1547 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long filename, possibly triggering a buffer overflow. | ||||
| CVE-2002-1546 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence. | ||||
| CVE-2002-0626 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2026-04-16 | N/A |
| Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities. | ||||
| CVE-2002-0651 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | ||||
| CVE-2002-1601 | 1 Adobe | 1 Photodeluxe | 2026-04-16 | N/A |
| The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page. | ||||
| CVE-2004-1572 | 1 Aj-fork | 1 Aj-fork | 2026-04-16 | N/A |
| AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request. | ||||