Total
344935 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1976 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap. | ||||
| CVE-2002-1996 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php. | ||||
| CVE-2002-2006 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets. | ||||
| CVE-2002-2055 | 1 Teekai | 1 Teekai Tracking Online | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2001-0685 | 1 Thibault Godouet | 1 Fcron | 2026-04-16 | N/A |
| Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user's crontab file via a symlink attack on the fcrontab temporary file. | ||||
| CVE-2002-2056 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie. | ||||
| CVE-2001-0687 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | N/A |
| Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename). | ||||
| CVE-1999-1554 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users. | ||||
| CVE-1999-1558 | 1 Digital | 2 Digital Openvms, Digital Openvms Axp | 2026-04-16 | N/A |
| Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled. | ||||
| CVE-1999-1580 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2026-04-16 | N/A |
| SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. | ||||
| CVE-2003-1238 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules. | ||||
| CVE-2006-1952 | 1 Winagents | 1 Tftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier allows remote attackers to read arbitrary files via "..." (triple dot) sequences in a GET request. | ||||
| CVE-2002-0057 | 1 Microsoft | 4 Internet Explorer, Sql Server, Windows Xp and 1 more | 2026-04-16 | N/A |
| XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source. | ||||
| CVE-2006-2931 | 1 Hotwebscripts | 1 Cms Mundo | 2026-04-16 | N/A |
| CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files. | ||||
| CVE-2001-0763 | 3 Debian, Redhat, Suse | 3 Debian Linux, Linux, Suse Linux | 2026-04-16 | N/A |
| Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. | ||||
| CVE-2002-0058 | 2 Microsoft, Sun | 4 Virtual Machine, Jdk, Jre and 1 more | 2026-04-16 | N/A |
| Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK. | ||||
| CVE-2001-0801 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. | ||||
| CVE-2006-3111 | 1 Chipmailer | 1 Chipmailer | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 allow remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by (1) anfang, (2) name, (3) mail, (4) anrede, (5) vorname, (6) nachname, (7) gebtag, (8) gebmonat, and (9) gebjahr. | ||||
| CVE-2002-0827 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824. | ||||
| CVE-2004-2033 | 1 Orenosv | 1 Orenosv Http Ftp Server | 2026-04-16 | N/A |
| Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | ||||