Total
345568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1045 | 1 Basilix | 1 Basilix Webmail | 2026-04-16 | N/A |
| Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter. | ||||
| CVE-2005-4440 | 1 Vlan Protocol | 1 Vlan Protocol | 2026-04-16 | N/A |
| The 802.1q VLAN protocol allows remote attackers to bypass network segmentation and spoof VLAN traffic via a message with two 802.1q tags, which causes the second tag to be redirected from a downstream switch after the first tag has been stripped, as demonstrated by Yersinia, aka "double-tagging VLAN jumping attack." | ||||
| CVE-2005-4438 | 1 Dec2rar.dll | 1 Dec2rar.dll | 2026-04-16 | N/A |
| Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote attackers to execute arbitrary code via RAR archives with sub-block headers that contain incorrect values in the length field. | ||||
| CVE-2005-1367 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root. | ||||
| CVE-1999-0437 | 1 Ramp Networks | 1 Webramp | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port. | ||||
| CVE-1999-0429 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference. | ||||
| CVE-1999-0411 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. | ||||
| CVE-2005-4436 | 1 Extended Interior Gateway Routing Protocol | 1 Extended Interior Gateway Routing Protocol | 2026-04-16 | N/A |
| Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) mismatched k values or (2) "goodbye message" Type-Length-Value (TLV). | ||||
| CVE-2005-1354 | 1 Forum.pl | 1 Forum.pl | 2026-04-16 | N/A |
| The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-1999-0409 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access. | ||||
| CVE-2005-1352 | 1 Leif M. Wright | 1 Ad.cgi | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. | ||||
| CVE-1999-0403 | 1 Cyrix | 1 Linux | 2026-04-16 | N/A |
| A bug in Cyrix CPUs on Linux allows local users to perform a denial of service. | ||||
| CVE-2005-4433 | 1 Esselbach Internet Solutions | 1 Esselbach Storyteller Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Esselbach Storyteller CMS 1.8 allows remote attackers to inject arbitrary web script or HTML via the query parameter, which is used by the Search field. | ||||
| CVE-2006-0722 | 1 Reamday Enterprises | 1 Magic Downloads | 2026-04-16 | N/A |
| settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized. | ||||
| CVE-2005-4429 | 1 Cs-cart | 1 Cs-cart | 2026-04-16 | N/A |
| SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) sort_by and (2) sort_order parameters to index.php. | ||||
| CVE-2005-1324 | 1 Matthieu Aubry | 1 Phpmyvisites | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters. | ||||
| CVE-1999-0399 | 1 Khaled Mardam-bey | 1 Mirc | 2026-04-16 | N/A |
| The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands. | ||||
| CVE-2005-1310 | 1 Eaden Mckee | 1 Bblog | 2026-04-16 | N/A |
| SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter. | ||||
| CVE-1999-0395 | 1 Backweb Technologies | 1 Backweb Polite Agent Protocol | 2026-04-16 | N/A |
| A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server. | ||||
| CVE-2005-4418 | 1 Vserver | 1 Util-vserver | 2026-04-16 | N/A |
| util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities. | ||||