ReportizFlow
Filtered by vendor
Subscriptions
Total
29923 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3404 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to include arbitrary files via the section parameter followed by a null byte (%00) in (1) body_header.inc.php and (2) print.php. | ||||
| CVE-2005-3416 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0.17 and earlier, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote attackers to bypass security checks by setting the $_SESSION and $HTTP_SESSION_VARS variables to strings instead of arrays, which causes an array_merge function call to fail. | ||||
| CVE-2006-3196 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| index.php in singapore 0.10.0 and earlier allows remote attackers to obtain the installation path via an invalid template parameter, which reveals the path in an error message. | ||||
| CVE-1999-0983 | 1 Internic | 1 Whois Lookup | 2026-04-16 | N/A |
| Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. | ||||
| CVE-2002-1225 | 1 Kth | 1 Heimdal | 2026-04-16 | N/A |
| Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access. | ||||
| CVE-2005-3423 | 1 Subdreamer | 1 Subdreamer | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the loginusername parameter or (2) cookies to (a) subdreamer.php, (b) ipb2.php, (c) phpbb2.php, (d) vbulletin2.php, and (e) vbulletin3.php. | ||||
| CVE-2006-3214 | 1 Hitachi | 2 Groupmax Address Server, Groupmax Mail Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Hitachi Groupmax Address Server 7 and earlier, and Groupmax Mail Server 7 and earlier allows remote attackers to cause a denial of service (product "stop") via unspecified vectors involving "unexpected requests". | ||||
| CVE-2002-1251 | 1 Log2mail | 1 Log2mail | 2026-04-16 | N/A |
| Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message. | ||||
| CVE-2006-3215 | 1 Clearswift | 2 Mailsweeper For Exchange, Mailsweeper For Smtp | 2026-04-16 | N/A |
| Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the "text analysis", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set. | ||||
| CVE-2002-1255 | 1 Microsoft | 1 Outlook | 2026-04-16 | N/A |
| Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail." | ||||
| CVE-2005-3477 | 1 Invision Power Services | 1 Invision Gallery | 2026-04-16 | N/A |
| Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML or script in an image whose type does not match its extension, which is rendered by Internet Explorer due to CVE-2005-3312. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in Invision Gallery. | ||||
| CVE-2005-3494 | 1 Ar-blog | 1 Ar-blog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog comment. | ||||
| CVE-2006-3224 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service (CPU consumption) via Javascript with an infinite for loop. NOTE: it could be argued that this is not a vulnerability, unless it interferes with the operation of the system outside of the scope of Safari itself. | ||||
| CVE-2005-3521 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page. | ||||
| CVE-2005-3558 | 1 Oste | 1 Oste | 2026-04-16 | N/A |
| PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remote attackers to execute arbitrary code via the (1) page and (2) site parameters. | ||||
| CVE-2002-1322 | 1 Rational Software | 1 Clearcase | 2026-04-16 | N/A |
| Rational ClearCase 4.1, 2002.05, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain packets to port 371, e.g. via nmap. | ||||
| CVE-2005-3583 | 1 Sun | 2 Jre, Sdk | 2026-04-16 | N/A |
| (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss. | ||||
| CVE-2006-3243 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) 1.0 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the showcodebuttons parameter. | ||||
| CVE-2005-3589 | 1 Filezilla | 1 Filezilla Server Terminal | 2026-04-16 | N/A |
| Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command. | ||||
| CVE-2006-3363 | 1 Xoops | 1 Xoops Glossaire Module | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in the Glossaire module 1.7 for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the pa parameter. | ||||