Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2402 1 Surecom 1 Ep-4501 2026-04-16 N/A
SURECOM broadband router EP-4501 uses a default SNMP read community string of "public" and a default SNMP read/write community string of "secret," which allows remote attackers to read and modify router configuration information.
CVE-2005-4604 1 Jean-jacques Sarton 1 Mtink 2026-04-16 N/A
Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable.
CVE-2006-2313 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
CVE-2002-2408 1 Gordano 1 Ntmail 2026-04-16 N/A
Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server.
CVE-2006-2553 1 Jemscripts 1 Downloadcontrol 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Jemscripts DownloadControl 1.0 allows remote attackers to inject arbitrary HTML or web script via the dcid parameter to dc.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. This issue appears to be independent from a different issue that involves the same vector.
CVE-2002-2414 2 Opera Software, Squid 2 Opera, Squid 2026-04-16 N/A
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash).
CVE-2006-2555 1 Genecys 1 Genecys 2026-04-16 N/A
The parse_command function in Genecys 0.2 and earlier allows remote attackers to cause a denial of service (crash) via a command with a missing ":" (colon) separator, which triggers a null dereference.
CVE-2006-2558 1 Iplogger 1 Iplogger 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the User-Agent (useragent) header in an HTTP request, which is not filtered when the log files are viewed.
CVE-2004-0986 4 Debian, Linux, Redhat and 1 more 4 Debian Linux, Linux Kernel, Fedora Core and 1 more 2026-04-16 N/A
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
CVE-2006-2561 1 Edimax 1 Br 6104k 2026-04-16 N/A
Edimax BR-6104K router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter (possibly within NewInternalClient), which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
CVE-2006-2564 1 Alstrasoft 1 E-friends 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlstraSoft E-Friends allow remote attackers to inject arbitrary web script or HTML by (1) posting a blog, (2) posting a listing, (3) posting an event, (4) adding comments, or (5) sending a message.
CVE-1999-0028 1 Sgi 1 Irix 2026-04-16 N/A
root privileges via buffer overflow in login/scheme command on SGI IRIX systems.
CVE-1999-0035 2 Gnu, Sgi 2 Inet, Irix 2026-04-16 5.4 Medium
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.
CVE-2004-1000 1 Debian 1 Lintian 2026-04-16 N/A
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.
CVE-1999-0039 1 Sgi 1 Irix 2026-04-16 7.3 High
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.
CVE-2003-0028 11 Cray, Freebsd, Gnu and 8 more 15 Unicos, Freebsd, Glibc and 12 more 2026-04-16 N/A
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
CVE-2003-0034 1 Jean-jacques Sarton 1 Mtink 2026-04-16 N/A
Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable.
CVE-1999-0043 6 Bsdi, Caldera, Isc and 3 more 7 Bsd Os, Openlinux, Inn and 4 more 2026-04-16 9.8 Critical
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVE-1999-0049 1 Sgi 1 Irix 2026-04-16 N/A
Csetup under IRIX allows arbitrary file creation or overwriting.
CVE-1999-0054 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Sun's ftpd daemon can be subjected to a denial of service.