ReportizFlow
Filtered by vendor
Subscriptions
Total
29930 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0538 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. | ||||
| CVE-2003-1510 | 1 Rit Research Labs | 1 Tinyweb | 2026-04-16 | N/A |
| TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory. | ||||
| CVE-2004-0712 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| The configuration tools (1) config.sh in Unix or (2) config.cmd in Windows for BEA WebLogic Server 8.1 through SP2 create a log file that contains the administrative username and password in cleartext, which could allow local users to gain privileges. | ||||
| CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2026-04-16 | N/A |
| Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | ||||
| CVE-2001-1396 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | N/A |
| Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact. | ||||
| CVE-2003-1516 | 1 Sun | 1 Java Plug-in | 2026-04-16 | N/A |
| The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. | ||||
| CVE-2004-0032 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter. | ||||
| CVE-2004-0033 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command. | ||||
| CVE-2001-0557 | 1 T. Hauck | 1 Jana Web Server | 2026-04-16 | N/A |
| T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e). | ||||
| CVE-2005-0566 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command. | ||||
| CVE-2001-0561 | 1 Drummond Miles | 1 A1stats | 2026-04-16 | N/A |
| Directory traversal vulnerability in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1disp4.cgi. | ||||
| CVE-2004-0980 | 3 Angus Mackay, Debian, Gentoo | 3 Ez-ipupdate, Debian Linux, Linux | 2026-04-16 | N/A |
| Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. | ||||
| CVE-2005-1734 | 1 Electricmonk | 1 Proms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-1177 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. | ||||
| CVE-2004-1277 | 1 Iglooftp | 1 Iglooftp | 2026-04-16 | N/A |
| The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters. | ||||
| CVE-2004-1359 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. | ||||
| CVE-2001-0584 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE commands. | ||||
| CVE-2004-1388 | 1 Berlios | 1 Gps Daemon | 2026-04-16 | N/A |
| Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls. | ||||
| CVE-2001-0585 | 1 Gordano | 1 Ntmail | 2026-04-16 | N/A |
| Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000. | ||||
| CVE-2004-1425 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. | ||||