Total
29891 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0842 | 1 Leoboard | 1 Lb5000 | 2026-04-16 | N/A |
| Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie. | ||||
| CVE-2001-0844 | 1 Seth Leonard | 2 Book Of Guests, Post It | 2026-04-16 | N/A |
| Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter. | ||||
| CVE-2003-0479 | 1 Affordable Web Space Design | 1 Affordable Web Space Design Webbbs | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS allows remote attackers to insert arbitrary web script via the (1) Name, (2) Email, or (3) Message fields. | ||||
| CVE-2003-0482 | 1 Gero Kohnert | 1 Tutos | 2026-04-16 | N/A |
| TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code. | ||||
| CVE-2001-0846 | 1 Lotus | 1 Domino | 2026-04-16 | N/A |
| Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf). | ||||
| CVE-2001-0847 | 1 Lotus | 1 Domino Web Server | 2026-04-16 | N/A |
| Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID. | ||||
| CVE-2006-2632 | 1 Andrew Godwin | 1 Bytehoard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via file descriptions. | ||||
| CVE-2006-3589 | 1 Vmware | 5 Esx, Infrastructure, Player and 2 more | 2026-04-16 | N/A |
| vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key. | ||||
| CVE-2006-3590 | 1 Microsoft | 1 Powerpoint | 2026-04-16 | N/A |
| mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493. | ||||
| CVE-2006-2634 | 1 Neocrome | 1 Seditio | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer field. | ||||
| CVE-2006-3592 | 1 Cisco | 1 Unified Callmanager | 2026-04-16 | N/A |
| Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005. | ||||
| CVE-2006-2637 | 1 Tuttophp | 3 Morris Guestbook, Pretty Guestbook, Smile Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in TuttoPhp (1) Morris Guestbook 1, (2) Pretty Guestbook 1, and (3) Smile Guestbook 1 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the pagina parameter. | ||||
| CVE-2006-3594 | 1 Cisco | 1 Unified Callmanager | 2026-04-16 | N/A |
| Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. | ||||
| CVE-2004-0457 | 2 Oracle, Redhat | 2 Mysql, Enterprise Linux | 2026-04-16 | N/A |
| The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0501 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. | ||||
| CVE-2006-3596 | 1 Cisco | 1 Ips Sensor Software | 2026-04-16 | N/A |
| The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet. | ||||
| CVE-2001-0853 | 1 Entrust | 1 Getaccess | 2026-04-16 | N/A |
| Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat. | ||||
| CVE-2006-3610 | 1 Orbitcoders | 1 Orbitmatrix | 2026-04-16 | N/A |
| index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information (partial database schema) via a modified page_name parameter, which reflects portions of an SQL query in the result. NOTE: it is not clear whether the information is target-specific. If not, then this issue is not an exposure. | ||||
| CVE-2006-3625 | 1 Flv | 1 Flv Player | 2026-04-16 | N/A |
| FLV Players 8 allows remote attackers to obtain sensitive information via (1) a direct request to paginate.php or (2) an invalid p parameter to player.php, which reveal the path in an error message. | ||||
| CVE-2006-3636 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||