ReportizFlow
Filtered by vendor
Subscriptions
Total
29923 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2388 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 95 and 4 more | 2026-04-16 | N/A |
| Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code. | ||||
| CVE-2005-2396 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the page move template. | ||||
| CVE-2005-2419 | 1 Eci Telecom | 1 B-focus Router | 2026-04-16 | N/A |
| B-FOCuS Router 312+ allows remote attackers to bypass authentication and gain unauthorized access via a direct request to firmwarecfg. | ||||
| CVE-2005-1658 | 1 Myserver | 1 Myserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot). | ||||
| CVE-2006-0335 | 1 Kerio | 1 Winroute Firewall | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before 6.1.4 Patch 1 allow remote attackers to cause a denial of service via multiple unspecified vectors involving (1) long strings received from Active Directory and (2) the filtering of HTML. | ||||
| CVE-2006-0345 | 1 Saral Kaushik | 1 Saralblog | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary SQL commands via the search parameter to search.php. NOTE: the id/viewprofile.php issue is already covered by CVE-2005-4058. | ||||
| CVE-2004-1087 | 1 Apple | 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user. | ||||
| CVE-2005-4603 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view of the thread. | ||||
| CVE-2006-1080 | 1 Game-panel | 1 Game-panel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter, possibly requiring a URL encoded value. | ||||
| CVE-2006-1112 | 1 Aztek Forum | 1 Aztek Forum | 2026-04-16 | N/A |
| Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message. | ||||
| CVE-2005-4643 | 1 Antharia | 1 Oncontent Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Antharia OnContent // CMS allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it is not clear, but this might be an application service provider, in which case it might be excluded from CVE. | ||||
| CVE-2006-1123 | 1 D2ksoft | 1 D2kblog | 2026-04-16 | N/A |
| SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie. | ||||
| CVE-2006-1128 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized. | ||||
| CVE-2006-1140 | 1 Redblog | 1 Redblog | 2026-04-16 | N/A |
| SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-2006-1142 | 1 Solido Systems | 1 Ravenous Web Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows remote attackers to access arbitrary rvplg files, with unknown impact. | ||||
| CVE-2006-1166 | 1 Monotone | 1 Monotone | 2026-04-16 | N/A |
| Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary Lua programs as the user running monotone. | ||||
| CVE-2006-1182 | 1 Adobe | 2 Document Server, Graphics Server | 2026-04-16 | N/A |
| Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command. | ||||
| CVE-2004-1107 | 1 Gentoo | 1 Linux | 2026-04-16 | N/A |
| dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2006-1203 | 1 Txtforum | 1 Txtforum | 2026-04-16 | N/A |
| PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php. | ||||
| CVE-2004-1962 | 1 Protector System | 1 Protector System | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection filters by using "/**/" sequences in the targeted fields. | ||||