Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1909 1 Software602 1 602lan Suite 2026-04-16 N/A
The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability.
CVE-2001-1354 1 Netwin 2 Dmail, Surgeftp 2026-04-16 N/A
NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.
CVE-2006-1702 1 Spip 1 Spip 2026-04-16 N/A
PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
CVE-2005-1922 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.
CVE-2006-2107 1 Bl4 1 Smtp Server 2026-04-16 N/A
Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the (1) EHLO, (2) MAIL FROM, and (3) RCPT TO commands.
CVE-2006-3612 1 Phorum 1 Phorum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Phorum 5.1.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2001-1365 1 Osi Codes Inc. 1 Intragnat 2026-04-16 N/A
Vulnerability in IntraGnat before 1.4.
CVE-2005-1923 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.
CVE-2006-1703 1 Hubert Plisson 1 Sire 2026-04-16 N/A
PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter.
CVE-2006-1704 1 Hubert Plisson 1 Sire 2026-04-16 N/A
Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php.
CVE-1999-0342 1 Pam 1 Pam 2026-04-16 N/A
Linux PAM modules allow local users to gain root access using temporary files.
CVE-1999-0343 1 Palace 1 Palace Client 2026-04-16 N/A
A malicious Palace server can force a client to execute arbitrary programs.
CVE-2005-1931 1 Goodtech Systems 1 Goodtech Smtp Server 2026-04-16 N/A
GoodTech SMTP Server 5.14 allows remote attackers to cause a denial of service (application crash) via a RCPT TO command with an invalid argument, as demonstrated using an "A" character.
CVE-2006-1708 1 Clansys 1 Clansys 2026-04-16 N/A
SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php.
CVE-2006-3301 1 Phpqladmin 1 Phpqladmin 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpQLAdmin 2.2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) user_add.php or (2) unit_add.php.
CVE-2001-1368 1 Iplanet 1 Iplanet Web Server 2026-04-16 N/A
Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data.
CVE-1999-0345 4 Freebsd, Ibm, Sco and 1 more 7 Freebsd, Aix, Sng and 4 more 2026-04-16 N/A
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
CVE-2001-1369 1 Leon J Breedt 1 Pam-pgsql 2026-04-16 N/A
Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields.
CVE-2006-2123 1 Network Administration Visualized 1 Network Administration Visualized 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the report interface in Network Administration Visualized (NAV) before 3.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-1999-0346 1 Php 1 Php Fi 2026-04-16 N/A
CGI PHP mlog script allows an attacker to read any file on the target server.