ReportizFlow
Filtered by vendor
Subscriptions
Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1632 | 1 Tavis Rudd | 1 Cheetah | 2026-04-16 | N/A |
| Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/. | ||||
| CVE-2003-0357 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors. | ||||
| CVE-2003-0378 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. | ||||
| CVE-2003-0389 | 1 Rsa | 1 Ace Agent | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the script. | ||||
| CVE-2005-2859 | 1 Savant | 1 Savant Webserver | 2026-04-16 | N/A |
| Savant Web Server stores user credentials in plaintext in the Savant\Users registry key, which allows local users to gain privileges. | ||||
| CVE-2003-0391 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2026-04-16 | N/A |
| Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command. | ||||
| CVE-2003-0400 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which causes Vignette to return unauthorized portions of memory, as demonstrated using the "-->" string in a CookieName argument to the login template, referred to as a "memory leak" in some reports. | ||||
| CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2026-04-16 | N/A |
| Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | ||||
| CVE-2004-0604 | 2 Gentoo, Gift-fasttrack | 2 Linux, Gift-fasttrack | 2026-04-16 | N/A |
| The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference. | ||||
| CVE-2004-0609 | 1 Rssh | 1 Rssh | 2026-04-16 | N/A |
| rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail. | ||||
| CVE-2004-0627 | 1 Mysql | 1 Mysql | 2026-04-16 | N/A |
| The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string. | ||||
| CVE-2003-0462 | 3 Linux, Mandrakesoft, Redhat | 6 Linux Kernel, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2026-04-16 | N/A |
| A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). | ||||
| CVE-2002-0705 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2026-04-16 | N/A |
| The Web Reports Server for SurfControl SuperScout WebFilter stores the "scwebusers" username and password file in a web-accessible directory, which allows remote attackers to obtain valid usernames and crack the passwords. | ||||
| CVE-2005-4781 | 1 Sergids | 1 Top Music Module | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in SergiDs Top Music module 3.0 PR3 and earlier for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the (1) idartist, (2) idsong, and (3) idalbum parameters to modules.php. | ||||
| CVE-2006-2799 | 1 Toenda Software Development | 1 Toendacms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote attackers to inject arbitrary web scripts or HTML via the print_url variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources. | ||||
| CVE-2002-0727 | 1 Microsoft | 2 Office Web Components, Project | 2026-04-16 | N/A |
| The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method. | ||||
| CVE-2003-1016 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2026-04-16 | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients. | ||||
| CVE-2003-1077 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang). | ||||
| CVE-2002-1158 | 2 Canna, Redhat | 3 Canna, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user. | ||||
| CVE-2006-3475 | 1 Free Qboard | 1 Free Qboard | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter to (1) index.php, (2) about.php, (3) contact.php, (4) delete.php, (5) faq.php, (6) features.php or (7) history.php, a different set of vectors than CVE-2006-2998. | ||||