ReportizFlow
Filtered by vendor
Subscriptions
Total
29918 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1233 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. | ||||
| CVE-2005-3332 | 1 Belchior Foundry | 1 Vcard | 2026-04-16 | N/A |
| PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows remote attackers to execute arbitrary PHP code via the match parameter. | ||||
| CVE-2006-3379 | 1 Hiki Wiki | 1 Hiki Wiki | 2026-04-16 | N/A |
| Algorithmic complexity vulnerability in Hiki Wiki 0.6.0 through 0.6.5 and 0.8.0 through 0.8.5 allows remote attackers to cause a denial of service (CPU consumption) by performing a diff between large, crafted pages that trigger the worst case. | ||||
| CVE-2006-3380 | 1 Freestyle | 1 Freestyle Wiki | 2026-04-16 | N/A |
| Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 allows remote attackers to cause a denial of service (CPU consumption) by performing a diff between large, crafted pages that trigger the worst case. | ||||
| CVE-2006-3386 | 1 Vincent Leclercq | 1 News | 2026-04-16 | N/A |
| index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such as the installation path, via a mail[] parameter with invalid values. | ||||
| CVE-2006-3387 | 1 Fusionphp | 1 Fusion News | 2026-04-16 | N/A |
| Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the fil_config parameter, which can be used to execute PHP code that has been injected into a log file. | ||||
| CVE-2005-3370 | 1 Arcavir | 1 Arcavir 2005 | 2026-04-16 | N/A |
| Multiple interpretation error in ArcaVir 2005 package 2005-06-21 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | ||||
| CVE-2005-3375 | 1 Ikarus | 1 Ikarus Antivirus | 2026-04-16 | N/A |
| Multiple interpretation error in Ikarus demo version allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | ||||
| CVE-2006-2285 | 1 Dokeos | 1 Open Source Learning And Knowledge Management Tool | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter. | ||||
| CVE-2006-3403 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2026-04-16 | N/A |
| The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. | ||||
| CVE-1999-1323 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE. | ||||
| CVE-2006-3409 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, which result in a buffer overflow when elements are added to smartlists. | ||||
| CVE-2006-3415 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man-in-the-middle (MITM) attack via unspecified vectors. | ||||
| CVE-2005-3418 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) list_cat parameter to search.php, which are not initialized as variables. | ||||
| CVE-2005-3422 | 1 10-4 Aps | 1 Asp Fast Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in error.asp in ASP Fast Forum allows remote attackers to inject arbitrary web script or HTML via the error parameter. | ||||
| CVE-1999-1353 | 1 Nosque | 1 Msgcore | 2026-04-16 | N/A |
| Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which could allow local users to gain privileges. | ||||
| CVE-2006-3422 | 1 Wonderedit | 1 Wonderedit Pro Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in WonderEdit Pro CMS allows remote attackers to execute arbitrary PHP code via the config[template_path] parameter in user_bottom.php, as used by multiple templates including (1) rwb (template/rwb/user_bottom.php), (2) gwb (template/rwb/user_bottom.php, (3) blues, (4) bluwhi, and (5) grns. | ||||
| CVE-1999-1420 | 1 N-base | 5 Nh2012, Nh2012r, Nh2015 and 2 more | 2026-04-16 | N/A |
| NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration. | ||||
| CVE-2006-2391 | 1 Emc | 1 Retrospect Client | 2026-04-16 | N/A |
| Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. | ||||
| CVE-2006-2401 | 1 Outgun | 1 Outgun | 2026-04-16 | N/A |
| The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which triggers a buffer over-read. | ||||