Total
29908 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1278 | 2 Abc2ps, John Chambers | 2 Abc2ps, Jcabc2ps | 2026-04-16 | N/A |
| Buffer overflow in the switch_voice function in parse.c for jcabc2ps 20040902 allows remote attackers to execute arbitrary code via a crafted ABC file. | ||||
| CVE-2001-0838 | 1 Network Solutions | 1 Rwhoisd | 2026-04-16 | N/A |
| Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command. | ||||
| CVE-2001-0842 | 1 Leoboard | 1 Lb5000 | 2026-04-16 | N/A |
| Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie. | ||||
| CVE-2001-0845 | 1 Dec | 4 Dec Openvms, Dec Openvms Alpha, Sevms and 1 more | 2026-04-16 | N/A |
| Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources. | ||||
| CVE-2004-1828 | 1 Belchior Foundry | 1 Vcard | 2026-04-16 | N/A |
| Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php. | ||||
| CVE-2005-1951 | 1 Oscommerce | 1 Oscommerce | 2026-04-16 | N/A |
| Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php. | ||||
| CVE-2001-0853 | 1 Entrust | 1 Getaccess | 2026-04-16 | N/A |
| Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat. | ||||
| CVE-2005-2453 | 1 Networkactiv | 1 Networkactiv Web Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2002-1670 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP Professional upgrade edition overwrites previously installed patches for Internet Explorer 6.0, leaving Internet Explorer unpatched. | ||||
| CVE-2004-1849 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html. | ||||
| CVE-2002-1678 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits. | ||||
| CVE-2002-1704 | 1 Zeroboard | 1 Zeroboard | 2026-04-16 | N/A |
| Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remote attackers to execute arbitrary PHP code by modifying the _zb_path parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-1294 | 1 Nokia | 1 Affix | 2026-04-16 | N/A |
| The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket call with a negative protocol value, which is used as an array index. | ||||
| CVE-2002-1766 | 1 Netscape | 1 Communicator | 2026-04-16 | N/A |
| Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute. | ||||
| CVE-2004-1864 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php. | ||||
| CVE-2004-1881 | 1 Cactusoft | 1 Cactushop | 2026-04-16 | N/A |
| SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter. | ||||
| CVE-2002-1849 | 1 Parachat | 1 Parachat Server | 2026-04-16 | N/A |
| ParaChat Server 4.0 does not log users off if the browser's back button is used, which allows remote attackers to cause a denial of service by repeatedly logging into a chat room, hitting the back button, then logging into the same chat room as a different user, which fills the chat room with invalid users. | ||||
| CVE-2002-1879 | 1 Lokwa | 1 Lokwabb | 2026-04-16 | N/A |
| SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the (1) member parameter to member.php or (2) loser parameter to misc.php. | ||||
| CVE-2002-1884 | 1 Py-membres | 1 Py-membres | 2026-04-16 | N/A |
| index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | ||||
| CVE-2004-1921 | 1 X-micro | 1 Wlan 11b Broadband Router Firmware | 2026-04-16 | N/A |
| X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" username and password, which could allow remote attackers to gain access. | ||||