ReportizFlow
Filtered by vendor
Subscriptions
Total
29909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1517 | 1 Sgi | 2 Freeware, Irix | 2026-04-16 | N/A |
| fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file. | ||||
| CVE-2002-1518 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories. | ||||
| CVE-2000-1152 | 1 Be | 1 Beos | 2026-04-16 | N/A |
| Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | ||||
| CVE-2002-1522 | 1 Cooolsoft | 1 Powerftp | 2026-04-16 | N/A |
| Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument. | ||||
| CVE-2002-1525 | 2 Astaware, Sun | 2 Searchdisc, Sunone Starter Kit | 2026-04-16 | N/A |
| Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017. | ||||
| CVE-2002-1527 | 1 Emumail | 1 Emu Webmail | 2026-04-16 | N/A |
| emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message. | ||||
| CVE-2002-1530 | 1 Surfcontrol | 1 Superscout Email Filter | 2026-04-16 | N/A |
| The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form. | ||||
| CVE-2002-1540 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32. | ||||
| CVE-2002-1561 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2026-04-16 | N/A |
| The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | ||||
| CVE-2002-1583 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | N/A |
| Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. | ||||
| CVE-2002-2224 | 1 Network Associates | 1 Pgp Freeware | 2026-04-16 | N/A |
| Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload. | ||||
| CVE-2006-3135 | 1 Hotwebscripts | 1 Cms Mundo | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter in the (a) news module, (2) searchstring parameter in (b) the search module, (3) id parameter in (c) the webshop module, (4) username parameter in (d) index.php, and (5) Name, (6) Address, (7) Zip, (8) City, (9) Country, and (10) Email fields during (e) a user profile update. | ||||
| CVE-2006-3141 | 1 Dpivision | 1 Tradingeye Shop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter. | ||||
| CVE-2006-3142 | 1 Vbzoom | 1 Vbzoom | 2026-04-16 | N/A |
| SQL injection vulnerability in forum.php in VBZooM 1.11 allows remote attackers to execute arbitrary SQL commands via the MainID parameter. | ||||
| CVE-2003-0924 | 2 Netpbm, Redhat | 3 Netpbm, Enterprise Linux, Linux | 2026-04-16 | N/A |
| netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | ||||
| CVE-1999-1564 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes. | ||||
| CVE-2003-0175 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. | ||||
| CVE-2003-0371 | 1 Prishtina Soft | 1 Prishtina Ftp | 2026-04-16 | N/A |
| Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner. | ||||
| CVE-2006-3187 | 1 Sharky E-shop | 1 Sharky E-shop | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. NOTE: it is possible that this is resultant from SQL injection or a forced SQL error. | ||||
| CVE-2006-3323 | 1 Mastersfusion | 1 Mf Piadas | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin/admin.php in MF Piadas 1.0 allows remote attackers to execute arbitrary PHP code via the page parameter. NOTE: the same vector can be used for cross-site scripting, but CVE analysis suggests that this is resultant from file inclusion of HTML or script. | ||||