ReportizFlow
Filtered by vendor
Subscriptions
Total
29906 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0617 | 1 Arbitroweb | 1 Arbitroweb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter. | ||||
| CVE-2005-0634 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. | ||||
| CVE-2001-1420 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. | ||||
| CVE-2006-3461 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2001-1430 | 1 Cayman | 1 3220-h Dsl Router | 2026-04-16 | N/A |
| Cayman 3220-H DSL Router 1.0 ship without a password set, which allows remote attackers to gain unauthorized access. | ||||
| CVE-2005-1142 | 1 Gocr | 1 Optical Character Recognition Utility | 2026-04-16 | N/A |
| Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values. | ||||
| CVE-2001-1433 | 1 Cherokee | 1 Cherokee Httpd | 2026-04-16 | N/A |
| Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities. | ||||
| CVE-2006-3856 | 1 Ibm | 1 Informix Dynamic Server | 2026-04-16 | N/A |
| IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors. | ||||
| CVE-2006-3869 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060824, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL on a website that uses HTTP 1.1 compression. | ||||
| CVE-2006-3979 | 1 Macromedia | 1 Coldfusion | 2026-04-16 | N/A |
| The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator. | ||||
| CVE-1999-0577 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | ||||
| CVE-2001-1502 | 1 Mountain Network Systems | 1 Webcart | 2026-04-16 | N/A |
| webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter. | ||||
| CVE-2004-0640 | 2 Netkit, Ssltelnetd | 2 Linux Netkit, Secure Telnet | 2026-04-16 | N/A |
| Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code. | ||||
| CVE-2004-0641 | 1 Thomson | 1 Speedtouch | 2026-04-16 | N/A |
| Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | ||||
| CVE-2001-1526 | 1 Easyscripts | 1 Easynews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter. | ||||
| CVE-2006-4267 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) oid parameter in modules/gateway/Protx/confirmed.php and the (2) x_invoice_num parameter in modules/gateway/Authorize/confirmed.php. | ||||
| CVE-2001-1538 | 1 Speedxess | 1 Ha-120 Dsl Router | 2026-04-16 | N/A |
| SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access. | ||||
| CVE-2000-0642 | 1 Itafrica | 1 Webactive | 2026-04-16 | N/A |
| The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page. | ||||
| CVE-2006-4324 | 1 Cityforfree | 1 Indexcity | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | ||||
| CVE-2006-4365 | 1 Vistabb | 1 Vistabb | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/functions_mod_user.php or (2) includes/functions_portal.php. | ||||