Total
345217 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0376 | 1 Sonicwall | 2 Soho2, Tele2 | 2026-04-16 | N/A |
| SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used. | ||||
| CVE-2001-0379 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights. | ||||
| CVE-2001-0380 | 1 Crosscom Olicom | 1 Xlt-f | 2026-04-16 | N/A |
| Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'. | ||||
| CVE-2001-0381 | 2 Pgp, Redhat | 2 Openpgp, Linux | 2026-04-16 | N/A |
| The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key. | ||||
| CVE-2006-1759 | 1 Swsoft | 1 Confixx | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in allgemein_transfer.php in SWSoft Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the jahr parameter. | ||||
| CVE-2004-0344 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter. | ||||
| CVE-2001-0391 | 1 Imatix | 1 Xitami | 2026-04-16 | N/A |
| Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory. | ||||
| CVE-2004-0347 | 1 Netscreen | 1 Netscreen-sa 5000 Series | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter. | ||||
| CVE-2001-0396 | 1 Lightwave | 1 Consoleserver | 2026-04-16 | N/A |
| The pre-login mode in the System Administrator interface of Lightwave ConsoleServer 3200 allows remote attackers to obtain sensitive information such as system status, configuration, and users. | ||||
| CVE-2004-0350 | 1 Spidersales | 1 Spidersales | 2026-04-16 | N/A |
| SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring. | ||||
| CVE-2001-0421 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. | ||||
| CVE-2001-0424 | 2 Freebsd, Timecop | 2 Freebsd, Bubblemon | 2026-04-16 | N/A |
| BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id. | ||||
| CVE-2001-0425 | 1 Adcycle | 1 Adcycle | 2026-04-16 | N/A |
| AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information. | ||||
| CVE-2001-0429 | 1 Cisco | 1 Catos | 2026-04-16 | N/A |
| Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. | ||||
| CVE-2006-1788 | 1 Adobe | 1 Document Server | 2026-04-16 | N/A |
| Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks. | ||||
| CVE-2001-0432 | 1 Trend Micro | 1 Interscan Viruswall | 2026-04-16 | N/A |
| Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands. | ||||
| CVE-2004-0358 | 1 Virtuasystems | 1 Virtuanews Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro 1.0.3 allows remote attackers to execute arbitrary script as other users via (1) the mainnews parameter in admin.php, (2) the expand parameter in admin.php, (3) the id parameter in admin.php, (4) the catid parameter in admin.php, or (5) an unnamed parameter during the newslogo_upload action in admin.php. | ||||
| CVE-2006-1797 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference. | ||||
| CVE-2006-1798 | 1 Rateit | 1 Rateit | 2026-04-16 | N/A |
| SQL injection vulnerability in rateit.php in RateIt 2.2 allows remote attackers to execute arbitrary SQL commands via the rateit_id parameter. | ||||
| CVE-2001-0443 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2026-04-16 | N/A |
| Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password. | ||||