ReportizFlow
Filtered by vendor
Subscriptions
Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3789 | 1 Ufo2000 | 1 Ufo2000 | 2026-04-16 | N/A |
| Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) recv_unit_data functions in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code and cause a denial of service (opponent crash) via certain packet data that specifies an out-of-bounds index. | ||||
| CVE-2001-1071 | 1 Cisco | 2 Catos, Ios | 2026-04-16 | N/A |
| Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. | ||||
| CVE-2006-3793 | 1 Sitedepth | 1 Sitedepth Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in constants.php in SiteDepth CMS 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SD_DIR parameter. | ||||
| CVE-2001-1096 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code. | ||||
| CVE-2001-1138 | 1 Randy Parker | 1 Power Up Html | 2026-04-16 | N/A |
| Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the FILE parameter. | ||||
| CVE-2001-1151 | 1 Trend Micro | 2 Officescan, Virus Buster | 2026-04-16 | N/A |
| Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password. | ||||
| CVE-2006-3799 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL injection protection mechanisms via the login variable and certain other variables, by using lowercase "union select" or possibly other statements that do not match the uppercase "UNION SELECT." | ||||
| CVE-2005-4422 | 1 Toenda Software Development | 1 Toendacms | 2026-04-16 | N/A |
| Unrestricted file upload vulnerability in toendaCMS before 0.6.2 Stable allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in data/images/albums. | ||||
| CVE-2001-1189 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script. | ||||
| CVE-2006-4912 | 1 Php Docwriter | 1 Php Docwriter | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in PHP DocWriter 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the script parameter. | ||||
| CVE-2005-3272 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets. | ||||
| CVE-2001-1224 | 1 Les Vanbrunt | 1 Adrotate Pro | 2026-04-16 | N/A |
| get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. | ||||
| CVE-2001-1245 | 1 Opera Software | 1 Opera Web Browser | 2026-04-16 | N/A |
| Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name. | ||||
| CVE-2006-0303 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors. | ||||
| CVE-2001-1254 | 1 Com2001 | 1 Alexis Server | 2026-04-16 | N/A |
| Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing. | ||||
| CVE-2001-1324 | 1 Paul Jarc | 1 Idtools | 2026-04-16 | N/A |
| cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges. | ||||
| CVE-2006-3807 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-16 | N/A |
| Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor. | ||||
| CVE-2001-1361 | 1 Twig Development Team | 1 Twig | 2026-04-16 | N/A |
| Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links. | ||||
| CVE-2005-4462 | 1 Tolva | 1 Tolva | 2026-04-16 | N/A |
| PHP remote file include vulnerability in usermods.php in Tolva PHP website system 0.1.0 allows remote attackers to execute arbitrary code via a URL in the ROOT parameter. | ||||
| CVE-2001-1410 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering. | ||||