ReportizFlow
Filtered by vendor
Subscriptions
Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0329 | 1 Microsoft | 4 Ie, Internet Explorer, Outlook and 1 more | 2026-04-16 | N/A |
| A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | ||||
| CVE-1999-1039 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise. | ||||
| CVE-2005-1629 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute arbitrary SQL commands via the verifykey parameter. | ||||
| CVE-2000-0334 | 1 Allaire | 1 Spectra | 2026-04-16 | N/A |
| The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule. | ||||
| CVE-2000-0355 | 3 Bent Bagger, Redhat, Suse | 3 Pbpg, Linux, Suse Linux | 2026-04-16 | N/A |
| pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files. | ||||
| CVE-2000-0381 | 1 Gossamer Threads | 1 Dbman | 2026-04-16 | N/A |
| The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. | ||||
| CVE-2000-0414 | 1 Hp | 2 Hp-ux, Vvos | 2026-04-16 | N/A |
| Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | ||||
| CVE-2004-0944 | 1 Mitel | 1 Mitel 3300 Integrated Communication Platform | 2026-04-16 | N/A |
| The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie. | ||||
| CVE-2006-0626 | 1 Spip | 1 Spip | 2026-04-16 | N/A |
| SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter. | ||||
| CVE-2006-1802 | 1 Tinywebgallery | 1 Tinywebgallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in TinyWebGallery 1.3 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the twg_album parameter. | ||||
| CVE-2000-0427 | 1 Aladdin Knowledge Systems | 1 Etoken | 2026-04-16 | N/A |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | ||||
| CVE-2000-0433 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | ||||
| CVE-2006-0699 | 1 David Barrett | 1 Qwikiwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2006-0703 | 1 Imagevue | 1 Imagevue | 2026-04-16 | N/A |
| Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter. | ||||
| CVE-2006-0731 | 1 Sap | 1 Business Connector | 2026-04-16 | N/A |
| WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame. | ||||
| CVE-2000-0486 | 1 Cisco | 2 Ios, Tacacs\+ | 2026-04-16 | N/A |
| Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field. | ||||
| CVE-2006-2514 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-16 | N/A |
| Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions. | ||||
| CVE-2000-0521 | 1 Michael Lamont | 1 Savant Webserver | 2026-04-16 | N/A |
| Savant web server allows remote attackers to read source code of CGI scripts via a GET request that does not include the HTTP version number. | ||||
| CVE-2006-0769 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. | ||||
| CVE-2005-1183 | 1 Mvnforum | 1 Mvnforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter. | ||||