ReportizFlow
Filtered by vendor
Subscriptions
Total
29930 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2013 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2026-04-16 | N/A |
| Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | ||||
| CVE-2002-2018 | 1 Sas | 2 Base, Integration Technologies | 2026-04-16 | N/A |
| sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault. | ||||
| CVE-2002-2047 | 1 Sketch | 1 Sketch | 2026-04-16 | N/A |
| The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file. | ||||
| CVE-2002-2123 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter. | ||||
| CVE-2006-2228 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) 4.2.0 allows remote attackers to inject arbitrary web script or HTML via a post with a BBCode tag that contains a JavaScript event name followed by whitespace before the '=' (equals) character, which bypasses a restrictive regular expression that attempts to remove onmouseover and other events. | ||||
| CVE-2002-2152 | 1 Software602 | 1 602pro Lan Suite | 2026-04-16 | N/A |
| The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected. | ||||
| CVE-2006-2231 | 1 Big Webmaster | 1 Big Webmaster Guestbook Script | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) site, (3) city, (4) state, (5) country, and possibly (6) name fields, which are viewed via viewguest.cgi. | ||||
| CVE-2002-2219 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | N/A |
| chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field. | ||||
| CVE-2005-0495 | 1 Zeroboard | 1 Zeroboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the (1) sn1, (2) year, or (3) page parameter to zboard.php or (4) filename to view_image.php. | ||||
| CVE-2005-0497 | 1 Adp | 1 Elite System Max 9000 | 2026-04-16 | N/A |
| ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory. | ||||
| CVE-2003-0031 | 1 Mcrypt | 1 Libmcrypt | 2026-04-16 | N/A |
| Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash). | ||||
| CVE-2005-0498 | 1 Gigafast Ethernet | 1 Gigafast Router | 2026-04-16 | N/A |
| Gigafast router (aka CompUSA router) allows remote attackers to gain sensitive information and bypass the login page via a direct request to backup.cfg, which reveals the administrator password in plaintext. | ||||
| CVE-2006-2232 | 1 Scriptsez | 1 Cute Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook 20060211 allows remote attackers to inject arbitrary web script or HTML via the Comments field when signing the guestbook. | ||||
| CVE-2003-0127 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | ||||
| CVE-2005-0499 | 1 Gigafast Ethernet | 1 Gigafast Router | 2026-04-16 | N/A |
| Gigafast router (aka CompUSA router) with the DNS proxy option enabled allows remote attackers to cause a denial of service via malformed DNS queries. | ||||
| CVE-2006-2237 | 1 Awstats | 1 Awstats | 2026-04-16 | N/A |
| The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter. | ||||
| CVE-2005-0501 | 1 Digipen Institute Of Technology | 1 Bontago | 2026-04-16 | N/A |
| Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a long nickname. | ||||
| CVE-2004-0007 | 3 Redhat, Rob Flynn, Ultramagnetic | 4 Enterprise Linux, Linux, Gaim and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2004-0034 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable in login.php. | ||||
| CVE-2001-0357 | 1 Matt Wright | 1 Formmail | 2026-04-16 | N/A |
| FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters. | ||||