Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2022 1 Sun 2 Iplanet Messaging Server, One Messaging Server 2026-04-16 N/A
Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2 allows remote attackers to execute arbitrary Javascript, possibly due to a cross-site scripting (XSS) vulnerability.
CVE-2005-1974 1 Sun 1 J2se 2026-04-16 N/A
Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges.
CVE-2005-1139 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks.
CVE-2006-4469 1 Joomla 1 Joomla\! 2026-04-16 N/A
Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform "remote execution," related to "Injection Flaws."
CVE-2004-1368 1 Oracle 9 Application Server, Collaboration Suite, E-business Suite and 6 more 2026-04-16 N/A
ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
CVE-2005-0456 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.
CVE-2004-2478 3 Ca, Ibm, Jetty 3 Unicenter Web Services Distributed Management, Trading Partner Interchange, Jetty Http Server 2026-04-16 N/A
Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange before 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2004-2345 1 Oracle 1 Database Server 2026-04-16 N/A
Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information.
CVE-2004-1615 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme.
CVE-2004-1490 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
CVE-1999-0070 1 Apache 1 Http Server 2026-04-16 N/A
test-cgi program allows an attacker to list files on the server.
CVE-2004-1491 4 Gentoo, Kde, Opera and 1 more 4 Linux, Kde, Opera Browser and 1 more 2026-04-16 N/A
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
CVE-2006-3712 1 Oracle 1 Application Server 2026-04-16 N/A
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.4.2 and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# AS07.
CVE-2006-3711 1 Oracle 1 Application Server 2026-04-16 N/A
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, and 9.0.4.1 has unknown impact and attack vectors, aka Oracle Vuln# AS06.
CVE-2006-3709 1 Oracle 1 Application Server 2026-04-16 N/A
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# AS04.
CVE-2006-3707 1 Oracle 1 Application Server 2026-04-16 N/A
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 and 9.0.3.1 has unknown impact and attack vectors, aka Oracle Vuln# AS02.
CVE-2006-3706 1 Oracle 1 Application Server 2026-04-16 N/A
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 has unknown impact and attack vectors, aka Oracle Vuln# AS01.
CVE-2006-3705 1 Oracle 1 Database Server 2026-04-16 N/A
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB21 is for a local SQL injection vulnerability in SYS.DBMS_STATS, and that DB22 is for SQL injection in SYS.DBMS_UPGRADE.
CVE-2006-3703 1 Oracle 1 Database Server 2026-04-16 N/A
Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.4 has unknown impact and attack vectors, aka oracle Vuln# DB07.
CVE-1999-0236 2 Apache, Illinois 2 Http Server, Ncsa Httpd 2026-04-16 7.5 High
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.