Total
29918 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1282 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages. | ||||
| CVE-2006-1284 | 1 Symantec | 2 Ghost Solutions Suite, Norton Ghost | 2026-04-16 | N/A |
| The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks. | ||||
| CVE-1999-1120 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. | ||||
| CVE-2004-0055 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value. | ||||
| CVE-2004-0056 | 1 Nortel | 3 802.11 Wireless Ip Gateway, Business Communications Manager, Succession Communication Server 1000 | 2026-04-16 | N/A |
| Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | ||||
| CVE-2004-0059 | 1 Lionmax Software | 1 Www File Share Pro | 2026-04-16 | N/A |
| Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in the filename parameter of a Content-Disposition: header. | ||||
| CVE-2004-0060 | 1 Lionmax Software | 1 Www File Share Pro | 2026-04-16 | N/A |
| WWW File Share Pro 2.42 and earlier allows remote attackers to cause a denial of service (crash) via a large POST request. | ||||
| CVE-2004-0061 | 1 Lionmax Software | 1 Www File Share Pro | 2026-04-16 | N/A |
| WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . (dot), or (2) a URI with a leading slash or backslash character. | ||||
| CVE-2004-0063 | 1 Ncipher | 1 Payshield Spp Library | 2026-04-16 | N/A |
| The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by accepting an invalid PIN number. | ||||
| CVE-2004-0066 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to (1) indilist.php, (2) famlist.php, (3) placelist.php, (4) imageview.php, (5) timeline.php, (6) clippings.php, (7) login.php, and (8) gdbi.php. | ||||
| CVE-2004-0069 | 1 Hd Soft | 1 Windows Ftp Server | 2026-04-16 | N/A |
| Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function. | ||||
| CVE-2004-0070 | 1 Visualshapers | 1 Ezcontents | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2006-4304 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2026-04-16 | N/A |
| Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver. | ||||
| CVE-2004-0072 | 1 Accipiter | 1 Accipiter Direct Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request. | ||||
| CVE-2004-0073 | 1 Stoitsov | 1 Easydynamicpages | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script. | ||||
| CVE-2004-0074 | 1 Michael Bischoff | 1 Xsok | 2026-04-16 | N/A |
| Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949. | ||||
| CVE-2004-0078 | 2 Mutt, Redhat | 3 Mutt, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages. | ||||
| CVE-2004-0083 | 3 Openbsd, Redhat, Xfree86 Project | 4 Openbsd, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106. | ||||
| CVE-2004-0091 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has disputed this issue, saying "There is no hidden field called 'reg_site', nor any $reg_site variable anywhere in the vBulletin 2 or vBulletin 3 source code or templates, nor has it ever existed. We can only assume that this vulnerability was found in a site running code modified from that supplied by Jelsoft. | ||||
| CVE-2004-0092 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact. | ||||