Total
345220 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0086 | 1 Cgi Script Center | 1 Subscribe Me Lite | 2026-04-16 | N/A |
| CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter. | ||||
| CVE-2001-0088 | 1 Jason Hines | 1 Phpweblog | 2026-04-16 | N/A |
| common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog. | ||||
| CVE-2001-0089 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability. | ||||
| CVE-2004-0272 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| SQL injection vulnerability in MaxWebPortal allows remote attackers to inject arbitrary SQL code and gain sensitive information via the SendTo parameter in Personal Messages. | ||||
| CVE-1999-1158 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd. | ||||
| CVE-2003-0076 | 2 Dcgui, Qt-dcgui | 2 Dcgui, Qt-dcgui | 2026-04-16 | N/A |
| Unknown vulnerability in the directory parser for Direct Connect 4 Linux (dcgui) before 0.2.2 allows remote attackers to read files outside the sharelist. | ||||
| CVE-2001-0090 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability. | ||||
| CVE-2001-0091 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability. | ||||
| CVE-2000-1036 | 1 Extent Technologies | 1 Rbs Isp | 2026-04-16 | N/A |
| Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. (dot dot) attack on the Image parameter. | ||||
| CVE-2006-1236 | 1 Crossfire | 1 Crossfire | 2026-04-16 | 7.3 High |
| Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010. | ||||
| CVE-2001-0092 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2002-0907 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-". | ||||
| CVE-2001-0095 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file. | ||||
| CVE-2001-0068 | 1 Apple | 1 Mac Os Runtime For Java | 2026-04-16 | N/A |
| Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter. | ||||
| CVE-2002-2001 | 2 Jmcce, Mandrakesoft | 2 Jmcce, Mandrake Linux | 2026-04-16 | N/A |
| jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-1999-1138 | 1 Sco | 4 Open Desktop, Open Desktop Lite, Openserver and 1 more | 2026-04-16 | N/A |
| SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable. | ||||
| CVE-2002-2051 | 1 Modlogan | 1 Modlogan | 2026-04-16 | N/A |
| The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file. | ||||
| CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | ||||
| CVE-2004-0155 | 2 Kame, Redhat | 2 Racoon, Enterprise Linux | 2026-04-16 | N/A |
| The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate. | ||||
| CVE-1999-1157 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface. | ||||