Total
29908 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1169 | 1 Mafia | 1 Mafia Blog | 2026-04-16 | N/A |
| Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to execute arbitrary PHP code by using writeinfo.php to inject the code into info.php. | ||||
| CVE-2002-2218 | 1 Sips | 1 Sips | 2026-04-16 | N/A |
| CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value. | ||||
| CVE-2003-0316 | 1 Fourelle Venturi Wireless | 1 Venturi Client | 2026-04-16 | N/A |
| Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers. | ||||
| CVE-2003-0532 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability. | ||||
| CVE-2003-0494 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-16 | N/A |
| password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id. | ||||
| CVE-2005-2862 | 1 Road Runner | 1 Adsl Road Runner Modem | 2026-04-16 | N/A |
| ADSL Road Runner modem in the Annex A family has a service running on port 224, which allows remote attackers to login to the modem with a blank password and gain unauthorized access. | ||||
| CVE-2004-2114 | 1 Internetnow | 1 Proxynow | 2026-04-16 | N/A |
| Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and earlier allow remote attackers to execute arbitrary code via a GET request with a long ftp:// URL. | ||||
| CVE-2003-0943 | 1 Sap | 1 Sap Db | 2026-04-16 | N/A |
| web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm). | ||||
| CVE-2003-0966 | 2 Elm Development Group, Redhat | 2 Elm, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line. | ||||
| CVE-2003-1110 | 1 Columbia University | 1 Sipc | 2026-04-16 | N/A |
| The Session Initiation Protocol (SIP) implementation in Columbia SIP User Agent (sipc) 1.74 and other versions before sipc 2.0 build 2003-02-21 allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | ||||
| CVE-2003-1139 | 1 Musicqueue | 1 Musicqueue | 2026-04-16 | N/A |
| Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file. | ||||
| CVE-2001-0688 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | N/A |
| Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command. | ||||
| CVE-2004-1223 | 1 F-secure | 1 Policy Manager | 2026-04-16 | N/A |
| The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive information, such as the absolute path for the web server, via an HTTP request to fsmsh.dll without any parameters. | ||||
| CVE-2002-2243 | 1 Akfingerd | 1 Akfingerd | 2026-04-16 | N/A |
| Akfingerd 0.5 and possibly earlier versions only allows one connection at a time and does not time out connections, which allows remote attackers to cause a denial of service (refused connections) by opening a connection and not closing it. | ||||
| CVE-2004-0158 | 1 Lgames | 1 Lbreakout2 | 2026-04-16 | N/A |
| Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. | ||||
| CVE-2004-0167 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | ||||
| CVE-2004-0419 | 4 Gentoo, Redhat, X.org and 1 more | 4 Linux, Enterprise Linux, X11r6 and 1 more | 2026-04-16 | N/A |
| XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. | ||||
| CVE-2004-0572 | 1 Microsoft | 1 Grpconv | 2026-04-16 | N/A |
| Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grpconv.exe. | ||||
| CVE-2004-1814 | 1 Vocaltec | 1 Vgw4 8 Telephony Gateway | 2026-04-16 | N/A |
| Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 allows remote attackers to read protected files via .. (dot dot) sequences in an HTTP request, as demonstrated using home.asp. | ||||
| CVE-2004-1120 | 1 Prozilla | 1 Prozilla Download Accelerator | 2026-04-16 | N/A |
| Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header. | ||||