Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2857 1 Softstack 1 Free Smtp Server 2026-04-16 N/A
Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay (spam proxy).
CVE-2006-0174 1 Hummingbird 2 Collaboration, Enterprise Collaboration 2026-04-16 N/A
Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to obtain sensitive information (intranet IP addresses and enumerations of valid parameter values) via a direct request to hc, which reveals the information in an error message or a cookie.
CVE-2006-2313 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
CVE-2006-2479 1 Bitrix 1 Bitrix Site Manager 2026-04-16 N/A
The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site.
CVE-2006-4904 1 Qualiteam 1 X-cart 2026-04-16 N/A
Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam X-Cart 4.1.3 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code, as demonstrated by PHP remote file inclusion via the xcart_dir parameter.
CVE-2006-4907 1 Ohio State University 1 Osu Httpd 2026-04-16 N/A
OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive information via a URL to a non-existent file, which displays the web root path in the resulting error message.
CVE-2006-4908 1 Ohio State University 1 Osu Httpd 2026-04-16 N/A
OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive information via a URL containing an * (asterisk) wildcard, which displays all matching file and directory information.
CVE-2003-0364 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.
CVE-2005-1550 1 Colored Scripts 1 Easy Message Board 2026-04-16 N/A
easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell metacharacters in the print parameter.
CVE-1999-0067 2 Apache, Ncsa 2 Http Server, Ncsa Httpd 2026-04-16 N/A
phf CGI program allows remote command execution through shell metacharacters.
CVE-1999-0797 1 Sun 1 Sunos 2026-04-16 N/A
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
CVE-2002-0317 1 Gator 1 Gator 2026-04-16 N/A
Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter.
CVE-2002-0334 1 Xtell 1 Xtell 2026-04-16 N/A
xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file.
CVE-1999-1574 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings."
CVE-2002-0336 1 Galacticomm Technologies 2 Worldgroup, Worldgroup Lite Personal Server 2026-04-16 N/A
Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a LIST command containing a large number of / (slash), * (wildcard), and .. characters.
CVE-2000-1222 1 Ibm 1 Aix 2026-04-16 N/A
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
CVE-2001-0409 1 Vim Development Group 1 Vim 2026-04-16 N/A
vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.
CVE-2004-2703 1 Clearswift 4 Mailsweeper Business Suite I, Mailsweeper Business Suite Ii, Mailsweeper For Smtp and 1 more 2026-04-16 N/A
Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted".
CVE-2004-2716 1 Php Heaven 1 Phpmychat 2026-04-16 N/A
Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat 0.14.5 allow remote attackers to execute arbitrary SQL commands via the (1) sortBy, (2) sortOrder, (3) startReg, (4) U, (5) LastCheck , and (6) R parameters.
CVE-2004-2717 1 Php Heaven 1 Phpmychat 2026-04-16 N/A
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the (1) sheet and (2) What parameters.