Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2166 | 1 Canon | 2 Imagerunner 5000i, Imagerunner C3200 | 2026-04-16 | N/A |
| The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. | ||||
| CVE-2001-0123 | 1 Extropia | 1 Bbs Forum.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter. | ||||
| CVE-2004-2173 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter. | ||||
| CVE-2005-0775 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not limit the logging data that is sent to the administrator, which allows remote attackers to send large amounts of email to the administrator. | ||||
| CVE-2004-2175 | 1 All Enthusiast Inc | 1 Reviewpost Php Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php. | ||||
| CVE-2004-2191 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters. | ||||
| CVE-2004-2200 | 1 Duware | 1 Duforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text. | ||||
| CVE-2004-2217 | 1 Ychat | 1 Ychat | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | ||||
| CVE-2004-2221 | 1 Mercantec | 1 Softcart | 2026-04-16 | N/A |
| Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request. | ||||
| CVE-2002-0575 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges. | ||||
| CVE-2004-2224 | 1 Appfoundry | 1 Message Foundry | 2026-04-16 | N/A |
| Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1. | ||||
| CVE-2002-0692 | 1 Microsoft | 3 Frontpage Server Extensions, Windows 2000, Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request. | ||||
| CVE-2005-1004 | 1 Profitcode | 1 Payprocart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in usrdetails.php in ProfitCode PayProCart 3.0 allows remote attackers to inject arbitrary web script or HTML via the sgnuptype parameter. | ||||
| CVE-2002-0072 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer. | ||||
| CVE-2002-0464 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp. | ||||
| CVE-1999-1028 | 1 Symantec | 1 Pcanywhere | 2026-04-16 | N/A |
| Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631. | ||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | ||||
| CVE-2005-0700 | 1 Aztek Forum | 1 Aztek Forum | 2026-04-16 | N/A |
| The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie. | ||||
| CVE-2005-3390 | 2 Php, Redhat | 4 Php, Enterprise Linux, Rhel Stronghold and 1 more | 2026-04-16 | N/A |
| The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field. | ||||
| CVE-2002-0894 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2026-04-16 | N/A |
| NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet. | ||||