ReportizFlow
Filtered by vendor
Subscriptions
Total
29923 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0757 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet. | ||||
| CVE-2003-0760 | 1 Optisoft | 1 Blubster | 2026-04-16 | N/A |
| Blubster 2.5 allows remote attackers to cause a denial of service (crash) via a flood of connections to UDP port 701. | ||||
| CVE-2004-0037 | 1 Opentext | 1 Opentext Firstclass Desktop Client | 2026-04-16 | N/A |
| FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. | ||||
| CVE-2006-2206 | 1 Ultravnc | 1 Ultravnc | 2026-04-16 | N/A |
| The MS-Logon authentication scheme in UltraVNC (aka Ultr@VNC) 1.0.1 uses weak encryption (XOR) for challenge/response, which allows remote attackers to gain privileges by sniffing and decrypting passwords. | ||||
| CVE-2006-2318 | 1 Ideal Science | 1 Idealbb | 2026-04-16 | N/A |
| Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server. | ||||
| CVE-2006-2328 | 1 Angelinecms | 1 Angelinecms | 2026-04-16 | N/A |
| SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string. | ||||
| CVE-2004-1202 | 1 Phpcms | 1 Phpcms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2004-2229 | 1 Oracle | 1 Database Server Lite | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. | ||||
| CVE-2006-2358 | 1 Web-labs | 1 Web-labs Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in various scripts in Web-Labs CMS allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter and (2) unspecified fields related to e-mail alerts. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2361 | 2 Mxbb, Php Arena | 2 Mxbb Portal, Pafiledb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2004-0993 | 1 Hp | 1 Sockd | 2026-04-16 | N/A |
| Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code. | ||||
| CVE-2004-1000 | 1 Debian | 1 Lintian | 2026-04-16 | N/A |
| lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack. | ||||
| CVE-2004-1012 | 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more | 6 Cyrus Imap Server, Linux, Openpkg and 3 more | 2026-04-16 | N/A |
| The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. | ||||
| CVE-2004-1027 | 4 Arjsoftware, Debian, Gentoo and 1 more | 4 Unarj, Debian Linux, Linux and 1 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. | ||||
| CVE-2004-1056 | 3 Linux, Redhat, Ubuntu | 3 Linux Kernel, Enterprise Linux, Ubuntu Linux | 2026-04-16 | N/A |
| Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. | ||||
| CVE-2004-2116 | 1 Tinyserver | 1 Tinyserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2004-2176 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls. | ||||
| CVE-2004-2178 | 1 Devoybb | 1 Devoybb Web Forum | 2026-04-16 | N/A |
| SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-2225 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. | ||||
| CVE-2004-2242 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter. | ||||