Total
29909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0530 | 2 Caldera, Kde | 2 Openlinux, Kde | 2026-04-16 | N/A |
| The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. | ||||
| CVE-2005-2967 | 1 Xine | 1 Xine-lib | 2026-04-16 | N/A |
| Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | ||||
| CVE-2005-2968 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash. | ||||
| CVE-2002-1858 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | ||||
| CVE-2005-3757 | 1 Google | 2 Mini Search Appliance, Search Appliance | 2026-04-16 | N/A |
| The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec. | ||||
| CVE-2005-2971 | 1 Kde | 1 Koffice | 2026-04-16 | N/A |
| Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file. | ||||
| CVE-2005-2980 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter. | ||||
| CVE-2005-2987 | 1 Digital Scribe | 1 Digital Scribe | 2026-04-16 | N/A |
| SQL injection vulnerability in login.php in Digital Scribe 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2005-2988 | 1 Hp | 1 Laserjet 2430 | 2026-04-16 | N/A |
| HP LaserJet 2430, and possibly other printers that use Jetdirect controls, stores information about recently printed documents without proper protection, which could allow remote attackers to obtain sensitive information via SNMP. | ||||
| CVE-2005-2990 | 1 Linecontrol | 1 Java Client | 2026-04-16 | N/A |
| AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files. | ||||
| CVE-2005-3001 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | ||||
| CVE-2005-3005 | 1 Helpdesk Software | 1 Hesk | 2026-04-16 | N/A |
| Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie. | ||||
| CVE-2005-3758 | 1 Google | 2 Mini Search Appliance, Search Appliance | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style sheet. | ||||
| CVE-2001-1382 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used. | ||||
| CVE-2005-3013 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry. | ||||
| CVE-2005-3018 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL. | ||||
| CVE-2005-4338 | 1 Blackboard | 1 Academic Suite | 2026-04-16 | N/A |
| announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parameter to "admin". | ||||
| CVE-2001-1507 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged. | ||||
| CVE-2002-0151 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request. | ||||
| CVE-2005-3025 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the loc parameter to (1) modcp/index.php or (2) admincp/index.php, or the ip parameter to (3) modcp/user.php or (4) admincp/usertitle.php. | ||||