Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0754 | 1 Dotproject | 1 Dotproject | 2026-04-16 | N/A |
| dotProject 2.0.1 and earlier allows remote attackers to obtain sensitive information via direct requests with an invalid baseDir to certain PHP scripts in the db directory, which reveal the path in an error message. NOTE: the vendor disputes this issue, saying that it could only occur if the administrator ignores the installation instructions as well as warnings generated by check.php | ||||
| CVE-2002-1987 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | ||||
| CVE-2002-1997 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension. | ||||
| CVE-2002-2004 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets. | ||||
| CVE-2006-0760 | 1 Lighttpd | 1 Lighttpd | 2026-04-16 | N/A |
| LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP interpreter only for ".php" names. | ||||
| CVE-2002-2012 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. | ||||
| CVE-2006-0765 | 1 Mirabilis | 2 Icq, Icq Lite | 2026-04-16 | N/A |
| GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a specific length, which truncates the malicious extension from the display and could trick a user into executing arbitrary programs. | ||||
| CVE-2001-1225 | 1 Hughes | 1 Msql | 2026-04-16 | N/A |
| Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried. | ||||
| CVE-2002-2023 | 1 Yamaguchi | 1 Shingo Beep2 | 2026-04-16 | N/A |
| The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and 1.2, when installed setuid root, allows local users to read arbitrary files via unknown attack vectors. | ||||
| CVE-2002-2025 | 1 Ibm | 1 Lotus Domino Server | 2026-04-16 | N/A |
| Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name. | ||||
| CVE-2001-1237 | 1 Peaceworks Computer Consulting | 1 Phormation | 2026-04-16 | N/A |
| Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable. | ||||
| CVE-2002-2033 | 1 Faqmanager | 1 Faqmanager.cgi | 2026-04-16 | N/A |
| faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00). | ||||
| CVE-2006-0948 | 1 Aol | 1 Aol | 2026-04-16 | N/A |
| AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the "America Online 9.0" directory, which allows local users to gain privileges by replacing critical files. | ||||
| CVE-2002-2038 | 1 Bill Abt | 1 Next Generation Posix Threading | 2026-04-16 | N/A |
| Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods. | ||||
| CVE-2002-2046 | 1 Xqus | 1 X-news | 2026-04-16 | N/A |
| x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie. | ||||
| CVE-2001-1259 | 1 Avaya | 1 Argent Office | 2026-04-16 | N/A |
| Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | ||||
| CVE-2002-2064 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-16 | N/A |
| isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo. | ||||
| CVE-2001-1262 | 1 Avaya | 1 Argent Office | 2026-04-16 | N/A |
| Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length community string. | ||||
| CVE-2002-2073 | 1 Microsoft | 3 Site Server, Site Server Commerce, Windows Nt | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp. | ||||
| CVE-2002-2080 | 1 Floosietek | 1 Ftgatepro | 2026-04-16 | N/A |
| Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of service (memory and CPU consumption) via a large number of RCPT TO: messages during an SMTP session. | ||||