ReportizFlow
Filtered by vendor
Subscriptions
Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0860 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. | ||||
| CVE-2002-0329 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag. | ||||
| CVE-2002-0338 | 1 Ritlabs | 1 The Bat | 2026-04-16 | N/A |
| The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name. | ||||
| CVE-2002-0347 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2026-04-16 | N/A |
| Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request. | ||||
| CVE-2005-0648 | 1 Pixel-apes Group | 1 Safehtml | 2026-04-16 | N/A |
| Multiple vulnerabilities in Pixel-Apes SafeHTML before 1.3.0 allow remote attackers to bypass cross-site scripting (XSS) protection via (1) "decimal HTML entities" or (2) "the \x00 symbol." | ||||
| CVE-2000-0447 | 1 Network Associates | 1 Webshield | 2026-04-16 | N/A |
| Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service. | ||||
| CVE-2002-0358 | 1 Sgi | 1 Mediamail | 2026-04-16 | N/A |
| MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges. | ||||
| CVE-2002-0386 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data. | ||||
| CVE-2002-0377 | 1 Rob Flynn | 1 Gaim | 2026-04-16 | N/A |
| Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. | ||||
| CVE-2005-0715 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. | ||||
| CVE-2006-4634 | 1 Vbzoom | 1 Vbzoom | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows remote attackers to inject arbitrary web script or HTML via the UserID parameter, a different vector than CVE-2006-1133 and CVE-2005-2441. | ||||
| CVE-2005-0737 | 1 Yahoo | 1 Messenger | 2026-04-16 | N/A |
| Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode. | ||||
| CVE-2006-4657 | 1 Panda | 1 Panda Platinum Internet Security | 2026-04-16 | N/A |
| Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE. | ||||
| CVE-2002-0396 | 1 Red-m | 1 1050ap Lan Acess Point | 2026-04-16 | N/A |
| The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session. | ||||
| CVE-2005-0831 | 1 Php-post | 1 Php-post Web Forum | 2026-04-16 | N/A |
| PHP-Post allows remote attackers to spoof the names of other users by registering with a username containing hex-encoded characters. | ||||
| CVE-2002-0402 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms. | ||||
| CVE-2006-4665 | 1 Mkportal | 1 Mkportal | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 Rc1 allows remote attackers to inject arbitrary web script or HTML via the ind parameter, possibly related to the PHP_SELF variable. NOTE: Some details are obtained from third party information. | ||||
| CVE-2004-1102 | 1 Tips | 1 Mailpost | 2026-04-16 | N/A |
| MailPost 5.1.1sv, and possibly earlier versions, displays a different error message depending on whether the requested file exists or not, which allows remote attackers to gain sensitive information. | ||||
| CVE-2002-0405 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters. | ||||
| CVE-2002-0406 | 1 Menasoft | 1 Sphereserver | 2026-04-16 | N/A |
| Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause a denial of service by establishing a large number of connections to the server without providing login credentials, which prevents other users from being able to log in. | ||||