ReportizFlow
Filtered by vendor
Subscriptions
Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1308 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges. | ||||
| CVE-1999-0206 | 1 Eric Allman | 1 Sendmail | 2026-04-16 | N/A |
| MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. | ||||
| CVE-2006-1645 | 1 Reloadcms | 1 Reloadcms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 and earlier allows remote attackers to inject arbitrary web script or HTML and gain leverage to execute arbitrary PHP code via the User-Agent HTTP header, which is displayed by admin/modules/general/statistic.php in the administration panel. | ||||
| CVE-2005-3244 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||||
| CVE-2006-2292 | 1 Inhouse Associates | 1 Ia-calendar | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in IA-Calendar allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in (a) calendar_new.asp and (b) default.asp, and (2) ID parameter in (c) calendar_detail.asp. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2005-4510 | 1 Extensis | 1 Netpublish Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter. | ||||
| CVE-2005-4511 | 1 Curtis Hawthorne | 1 Tn3270 Resource Gateway | 2026-04-16 | N/A |
| Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows local users to cause a denial of service and possibly execute arbitrary code via format string specifiers in syslog function calls. | ||||
| CVE-2005-4520 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and earlier have unknown impact and attack vectors. NOTE: due to a lack of relevant details in the vendor changelog, which is the source of this description, it is unclear whether this is a duplicate of another CVE. | ||||
| CVE-2005-4525 | 1 Sygate Technologies | 1 Protection Agent | 2026-04-16 | N/A |
| SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI (SmcGui.exe) and then killing the process, which causes the privileged management GUI to launch. | ||||
| CVE-1999-0718 | 1 Ibm | 1 Gina | 2026-04-16 | N/A |
| IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key. | ||||
| CVE-1999-0746 | 2 Slackware, Suse | 2 Slackware Linux, Suse Linux | 2026-04-16 | N/A |
| A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. | ||||
| CVE-1999-1344 | 1 Auto Ftp | 1 Auto Ftp | 2026-04-16 | N/A |
| Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration file. | ||||
| CVE-2006-4313 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Cisco VPN 3000 series concentrators before 4.1, 4.1.x up to 4.1(7)L, and 4.7.x up to 4.7(2)F allow attackers to execute the (1) CWD, (2) MKD, (3) CDUP, (4) RNFR, (5) SIZE, and (6) RMD FTP commands to modify files or create and delete directories via unknown vectors. | ||||
| CVE-2006-4319 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. | ||||
| CVE-1999-0550 | 2026-04-16 | N/A | ||
| A router's routing tables can be obtained from arbitrary hosts. | ||||
| CVE-1999-0624 | 2026-04-16 | N/A | ||
| The rstat/rstatd service is running. | ||||
| CVE-2006-4374 | 1 Irfanview | 1 Irfanview | 2026-04-16 | N/A |
| IrfanView 3.98 (with plugins) allows user-assisted attackers to cause a denial of service (application crash) via a crafted ANI image file, possibly due to a buffer overflow. | ||||
| CVE-1999-0692 | 2 Cray, Sgi | 2 Unicos, Irix | 2026-04-16 | N/A |
| The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges. | ||||
| CVE-2006-4376 | 1 Guder Und Koch Netzwerktechnik | 1 Eichhorn Portal | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module. | ||||
| CVE-2006-4427 | 1 Efiction | 1 Efiction | 2026-04-16 | N/A |
| index.php in eFiction before 2.0.7 allows remote attackers to bypass authentication and gain privileges by setting the (1) adminloggedin, (2) loggedin, and (3) level parameters to "1". | ||||