Total
29897 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1161 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump. | ||||
| CVE-2005-4025 | 1 Help Desk Reloaded | 1 Free Help Desk | 2026-04-16 | N/A |
| Help Desk Reloaded Free Help Desk does not remove or protect install.php once installation is complete, which allows remote attackers to gain privileges via a direct request to install.php, then navigating to accountsetup.php and creating a new user. | ||||
| CVE-2002-1255 | 1 Microsoft | 1 Outlook | 2026-04-16 | N/A |
| Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail." | ||||
| CVE-1999-1162 | 1 Sco | 2 Open Desktop, Unix | 2026-04-16 | N/A |
| Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system. | ||||
| CVE-1999-1166 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory. | ||||
| CVE-1999-1167 | 1 Third Voice | 1 Third Voice Web | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation. | ||||
| CVE-2002-1258 | 1 Microsoft | 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more | 2026-04-16 | N/A |
| Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error. | ||||
| CVE-1999-1168 | 1 Iss | 1 Internet Security Scanner | 2026-04-16 | N/A |
| install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-1999-1169 | 1 Flavio Veloso | 1 Nobo | 2026-04-16 | N/A |
| nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets. | ||||
| CVE-2005-4078 | 1 Ideal Science | 1 Ideal Bb.net | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ideal BB.NET 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) forumID, (2) boardID, and (3) topicRepeater1-p parameters in topics.aspx, (4) boardID parameter in categoryindex.aspx, (5) postID parameter in posts.aspx, (6) catID parameter in forums.aspx, and (7) memberID parameter in member.aspx. | ||||
| CVE-1999-1173 | 1 Corel | 1 Wordperfect | 2026-04-16 | N/A |
| Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlink attack. | ||||
| CVE-1999-1174 | 1 Iomega | 1 Zip 100 Mb Drive | 2026-04-16 | N/A |
| ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk. | ||||
| CVE-2005-4088 | 1 W2b | 1 Phpforumpro | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters. | ||||
| CVE-1999-1175 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | ||||
| CVE-2002-1262 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files. | ||||
| CVE-2005-4130 | 1 Realnetworks | 1 Realplayer | 2026-04-16 | N/A |
| ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows remote attackers to execute arbitrary code. NOTE: it is not known whether this issue should be MERGED with CVE-2005-4126. The information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED. | ||||
| CVE-2005-4132 | 1 Contenido | 1 Contendio | 2026-04-16 | N/A |
| Unspecified "security leak" vulnerability in Contenido before 4.6.4, when register_globals is on and allow_url_fopen is true, has unspecified impact and attack vectors. NOTE: it is likely that this is a PHP remote file include vulnerability. | ||||
| CVE-2005-4133 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files. | ||||
| CVE-2005-4142 | 1 Lyris Technologies Inc | 1 Listmanager | 2026-04-16 | N/A |
| The web interface for subscribing new users in Lyris ListManager 5.0 through 8.8b, in combination with a line wrap feature, allows remote attackers to execute arbitrary list administration commands via LFCR (%0A%0D) sequences in the pw parameter. NOTE: it is not clear whether this is a variant of a CRLF injection vulnerability. | ||||
| CVE-2002-1264 | 1 Oracle | 1 Oracle9i | 2026-04-16 | N/A |
| Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL. | ||||