Total
345445 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2100 | 1 Geovision | 1 Geohttpserver | 2026-04-16 | N/A |
| GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines). | ||||
| CVE-2004-2108 | 1 Quadcomm | 1 Q-shop | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp. | ||||
| CVE-2005-3680 | 1 Xoops | 1 Xoops | 2026-04-16 | N/A |
| Directory traversal vulnerability in editor_registry.php in XOOPS 2.2.3 allows remote attackers to read or include arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter. | ||||
| CVE-2004-2113 | 1 Herberlin | 1 Bremsserver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2005-3682 | 1 Wizz Forum | 1 Wizz Forum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php. | ||||
| CVE-2004-2116 | 1 Tinyserver | 1 Tinyserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2005-3684 | 1 Freeftpd | 1 Freeftpd | 2026-04-16 | N/A |
| Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands. | ||||
| CVE-2004-2137 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information. | ||||
| CVE-2004-2138 | 1 Allwebscripts | 1 Mysqlguest | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field. | ||||
| CVE-2004-2161 | 1 Tutos | 1 Tutos | 2026-04-16 | N/A |
| SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | ||||
| CVE-2003-1029 | 1 Lbl | 1 Tcpdump | 2026-04-16 | N/A |
| The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets. | ||||
| CVE-2005-3690 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands. | ||||
| CVE-2003-1030 | 1 Dameware Development | 1 Mini Remote Control Server | 2026-04-16 | N/A |
| Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129. | ||||
| CVE-2003-1035 | 1 Sap | 2 Sap R 3, Sapgui | 2026-04-16 | N/A |
| The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does. | ||||
| CVE-2004-2220 | 1 F-secure | 1 F-secure Anti-virus | 2026-04-16 | N/A |
| F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. | ||||
| CVE-2005-3691 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands. | ||||
| CVE-2003-1036 | 1 Sap | 1 Internet Transaction Server | 2026-04-16 | N/A |
| Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header. | ||||
| CVE-2005-3696 | 1 Arki-db | 1 Arki-db | 2026-04-16 | N/A |
| SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php. | ||||
| CVE-2005-3707 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. | ||||
| CVE-2005-3709 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. | ||||