ReportizFlow
Filtered by vendor
Subscriptions
Total
29907 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0876 | 1 Evolvable Corporation | 1 Shambala Server | 2026-04-16 | N/A |
| Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request. | ||||
| CVE-2001-1215 | 1 Michael Baumer | 1 Pfinger | 2026-04-16 | N/A |
| Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file. | ||||
| CVE-2002-0942 | 1 Lumigent | 1 Log Explorer | 2026-04-16 | N/A |
| Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach. | ||||
| CVE-2004-0584 | 1 Horde | 1 Imp | 2026-04-16 | N/A |
| Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly validate input, which allows remote attackers to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2001-1217 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences. | ||||
| CVE-2006-0331 | 1 Thiago Melo De Paula | 1 Change Passwd | 2026-04-16 | N/A |
| Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments. | ||||
| CVE-2003-0754 | 1 Newsphp | 1 Newsphp | 2026-04-16 | N/A |
| nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication. | ||||
| CVE-2002-1683 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString() function. | ||||
| CVE-2003-1521 | 1 Sun | 1 Java Plug-in | 2026-04-16 | N/A |
| Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. | ||||
| CVE-2006-0350 | 1 Epic Designs | 1 Eggblog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field to topic.php. | ||||
| CVE-2002-1538 | 1 Acuma | 1 Acusend | 2026-04-16 | N/A |
| Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable. | ||||
| CVE-2004-0588 | 1 Usermin | 1 Usermin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote attackers to insert arbitrary HTML and script via e-mail messages. | ||||
| CVE-2002-1940 | 1 Jacob Navia | 1 Lcc-win32 | 2026-04-16 | N/A |
| LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application. | ||||
| CVE-2006-0372 | 1 Insane Visions | 1 Blogphp | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in config.php in Insane Visions BlogPHP, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) blogphp_username or (2) blogphp_password parameter in a cookie. | ||||
| CVE-2004-1641 | 1 South River Technologies | 1 Titan Ftp Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST. | ||||
| CVE-2002-2180 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. | ||||
| CVE-2004-2127 | 1 Leif M. Wright | 1 Web Blog | 2026-04-16 | N/A |
| Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable. | ||||
| CVE-2001-1227 | 2 Redhat, Zope | 3 Linux, Powertools, Zope | 2026-04-16 | N/A |
| Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. | ||||
| CVE-2005-2021 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page. | ||||
| CVE-2006-0373 | 1 Douran | 1 Followweb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in register.aspx in Douran FollowWeb allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||