Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2039 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| /bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal. | ||||
| CVE-2002-2041 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer. | ||||
| CVE-2002-2046 | 1 Xqus | 1 X-news | 2026-04-16 | N/A |
| x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie. | ||||
| CVE-2002-2048 | 1 Michael Baumer | 1 Pfinger | 2026-04-16 | N/A |
| Buffer overflow in PFinger 0.7.8 client allows remote attackers to execute arbitrary code via a long query value passed to the (1) finger program, (2) -l, (3) -d, and (4) -t options. NOTE: if PFinger is not setuid or setgid, then this issue would not cross privilege boundaries and would not be considered a vulnerability. | ||||
| CVE-2006-2211 | 1 321soft | 1 Php-gallery | 2026-04-16 | N/A |
| Absolute path traversal vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to browse arbitrary directories via the path parameter. | ||||
| CVE-2006-1294 | 1 Knowledgebasepublisher | 1 Knowledgebasepublisher | 2026-04-16 | N/A |
| PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter. | ||||
| CVE-2006-1296 | 1 Beagle-project | 1 Beagle | 2026-04-16 | N/A |
| Untrusted search path vulnerability in Beagle 0.2.2.1 might allow local users to gain privileges via a malicious beagle-info program in the current working directory, or possibly directories specified in the PATH. | ||||
| CVE-2006-2214 | 1 4images | 1 Image Gallery Management System | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in 4images 1.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the sessionid parameter in (1) top.php and (2) member.php. NOTE: this issue has also been reported to affect 1.7.2. | ||||
| CVE-2006-1298 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | N/A |
| Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas Backup Exec 10d (10.1) for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, and Backup Exec 9.1 for Windows Servers rev. 4691, when the job log mode is Full Detailed (aka Full Details), allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted filename on a machine that is backed up by Backup Exec. | ||||
| CVE-2006-1321 | 1 Webcheck | 1 Webcheck | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the (1) url, (2) title, or (3) author name in a crawled page, which is not properly sanitized in the tooltips of a report. | ||||
| CVE-2006-1322 | 1 Novell | 2 Netware, Netware Ftp Server | 2026-04-16 | N/A |
| Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow. | ||||
| CVE-2006-1327 | 1 Softbb | 1 Softbb | 2026-04-16 | N/A |
| SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter. | ||||
| CVE-2006-1347 | 1 Greg Neustaetter | 1 Gcards | 2026-04-16 | N/A |
| SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2006-2231 | 1 Big Webmaster | 1 Big Webmaster Guestbook Script | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) site, (3) city, (4) state, (5) country, and possibly (6) name fields, which are viewed via viewguest.cgi. | ||||
| CVE-2006-2234 | 1 Tyrocms | 1 Tyrocms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) a javascript URI in an img BBCode tag, or a JavaScript event in a (2) url BBCode tag or (3) color BBCode tag. | ||||
| CVE-2006-2241 | 1 Ftrainsoft | 1 Fast Click | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: This is a different vulnerability than CVE-2006-2175. | ||||
| CVE-2006-2244 | 1 Web4future | 1 News Portal | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Web4Future News Portal allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) comentarii.php or (2) view.php. | ||||
| CVE-2006-1378 | 1 Counterpane | 1 Password Safe | 2026-04-16 | N/A |
| PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator (C++ rand function) during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand() seed values and conducting a known plaintext attack. | ||||
| CVE-2006-2246 | 1 Uapplication | 1 Ublog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition allows remote attackers to inject arbitrary web script or HTML via text fields when adding a blog entry. | ||||
| CVE-1999-0639 | 2026-04-16 | N/A | ||
| The chargen service is running. | ||||