Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1123 | 1 D2ksoft | 1 D2kblog | 2026-04-16 | N/A |
| SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie. | ||||
| CVE-2001-0533 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows local users to gain root privileges via a long LANG environmental variable. | ||||
| CVE-2003-1045 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter. | ||||
| CVE-2006-3017 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Stronghold | 2026-04-16 | N/A |
| zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations. | ||||
| CVE-2006-5000 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ws Ftp Server | 2026-04-16 | N/A |
| Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue. | ||||
| CVE-2001-0565 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. | ||||
| CVE-2002-0190 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. | ||||
| CVE-2001-0643 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type. | ||||
| CVE-2001-0648 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| Directory traversal vulnerability in PHProjekt 2.1 and earlier allows a remote attacker to conduct unauthorized activities via a dot dot (..) attack on the file module. | ||||
| CVE-2001-0712 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text (.txt), JPEG (.jpg), etc. | ||||
| CVE-2002-0214 | 1 Intel | 1 Intel Pro Wireless 2011b Lan Usb Device Driver | 2026-04-16 | N/A |
| Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key. | ||||
| CVE-2002-0223 | 2 Infopop, Wired Community Software | 2 Ultimate Bulletin Board, Wwwthreads | 2026-04-16 | N/A |
| Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension. | ||||
| CVE-2004-2643 | 1 Microsoft | 1 Cabarc | 2026-04-16 | N/A |
| Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive. | ||||
| CVE-2006-1457 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | ||||
| CVE-2001-0849 | 1 Duncan Hall | 1 Viralator | 2026-04-16 | N/A |
| viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget. | ||||
| CVE-2006-2638 | 1 Qjstudios | 1 Qjforum | 2026-04-16 | N/A |
| SQL injection vulnerability in member.asp in qjForum allows remote attackers to execute arbitrary SQL commands via the uName parameter. | ||||
| CVE-2006-2705 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of service via a large number of forged client registration messages. | ||||
| CVE-2006-4287 | 2 Nes Game, Nes System | 2 Nes Game, Nes System | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in NES Game and NES System c108122 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) phphtmllib parameter to (a) phphtmllib/includes.php; tag_utils/ scripts including (b) divtag_utils.php, (c) form_utils.php, (d) html_utils.php, and (e) localinc.php; and widgets/ scripts including (f) FooterNav.php, (g) HTMLPageClass.php, (h) InfoTable.php, (i) localinc.php, (j) NavTable.php, and (k) TextNav.php. | ||||
| CVE-1999-0233 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. | ||||
| CVE-2002-0256 | 1 Arescom | 1 Netdsl | 2026-04-16 | N/A |
| The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop. | ||||