Total
344945 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1219 | 1 Oscommerce | 1 Oscommerce | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter. | ||||
| CVE-2005-2067 | 1 Asp-nuke | 1 Asp-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter. | ||||
| CVE-2003-1240 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php. | ||||
| CVE-2003-1254 | 1 Active Php Bookmarks | 1 Active Php Bookmarks | 2026-04-16 | N/A |
| Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2003-1256 | 1 E-theni | 1 E-theni | 2026-04-16 | N/A |
| aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. | ||||
| CVE-2002-2223 | 1 Juniper | 2 Netscreen Remote Security Client, Netscreen Remote Vpn Client | 2026-04-16 | N/A |
| Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload. | ||||
| CVE-2005-2073 | 1 Ibm | 1 Db2 | 2026-04-16 | N/A |
| Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents. | ||||
| CVE-2003-1270 | 1 An | 1 An-http | 2026-04-16 | N/A |
| AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability. | ||||
| CVE-2003-1276 | 1 Nettelephone | 1 Nettelephone | 2026-04-16 | N/A |
| Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts. | ||||
| CVE-2005-2083 | 1 Truenorth Software | 1 Ia Emailserver | 2026-04-16 | N/A |
| Format string vulnerability in IMAP4 in IA eMailServer Corporate Edition 5.2.2 build 1051 allows remote attackers to cause a denial of service (application crash) via a LIST command with format string specifiers as the second argument. | ||||
| CVE-2005-3057 | 1 Fortinet | 2 Fortigate, Fortios | 2026-04-16 | N/A |
| The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP. | ||||
| CVE-2003-1295 | 2 Redhat, Suse | 2 Enterprise Linux, Suse Linux | 2026-04-16 | N/A |
| Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | ||||
| CVE-2005-3062 | 1 Alstrasoft | 1 E-friends | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in AlstraSoft E-Friends 4.0 allows remote attackers to execute arbitrary PHP code via the mode parameter. | ||||
| CVE-2003-1305 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page. | ||||
| CVE-2002-1165 | 3 Netbsd, Redhat, Sendmail | 4 Netbsd, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | ||||
| CVE-2003-1309 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack"). | ||||
| CVE-2003-0226 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remote attackers to cause a denial of service via a long WebDAV request with a (1) PROPFIND or (2) SEARCH method, which generates an error condition that is not properly handled. | ||||
| CVE-2004-0911 | 1 Debian | 1 Netkit | 2026-04-16 | N/A |
| telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554. | ||||
| CVE-2003-1316 | 1 Endonesia | 1 Endonesia | 2026-04-16 | N/A |
| mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2003-1324 | 1 Elmme-mailer | 1 Elm Me\+ | 2026-04-16 | N/A |
| Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group. | ||||