Search Results (363381 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0627 1 Polycom 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more 2026-04-16 N/A
The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests.
CVE-2003-0900 1 Larry Wall 1 Perl 2026-04-16 N/A
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.
CVE-2006-3998 1 Wowroster 1 Wowroster 2026-04-16 N/A
PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.
CVE-2006-3997 1 Wowroster 1 Wowroster 2026-04-16 N/A
PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.
CVE-2006-3941 1 Sun 1 N1 Grid Engine 2026-04-16 N/A
Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 and N1 Grid Engine 6.0 allows local users to cause a denial of service (grid service shutdown) and possibly execute arbitrary code using buffer overflows via unknown vectors that cause (1) qmaster or (2) execd to terminate.
CVE-2002-0489 1 Linux Directory Penguin 1 Nslookup 2026-04-16 N/A
Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the (1) query or (2) type parameters.
CVE-2002-0495 1 Cgiscript 1 Cssearch Professional 2026-04-16 N/A
csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.
CVE-2002-0496 1 Southwest 1 Southwest 2026-04-16 N/A
The HTTP server for SouthWest Talker server 1.0.0 allows remote attackers to cause a denial of service (server crash) via a malformed URL to port 5002.
CVE-2006-3945 2 Microsoft, Opera 2 Windows Xp, Opera Browser 2026-04-16 N/A
The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption.
CVE-2006-3946 1 Apple 2 Mac Os X, Safari 2026-04-16 N/A
WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag.
CVE-2006-3950 1 X-scripts 1 X-statistics 2026-04-16 N/A
SQL injection vulnerability in x-statistics.php in X-Scripts X-Statistics 1.20 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
CVE-2006-3954 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Directory traversal vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to read arbitrary files via a .. (dot dot) in the gallery parameter in a (1) avatar or (2) do_avatar action.
CVE-2003-0854 3 Gnu, Redhat, Washington University 4 Fileutils, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
CVE-2002-0511 1 Nscd 1 Nscd 2026-04-16 N/A
The default configuration of Name Service Cache Daemon (nscd) in Caldera OpenLinux 3.1 and 3.1.1 uses cached PTR records instead of consulting the authoritative DNS server for the A record, which could make it easier for remote attackers to bypass applications that restrict access based on host names.
CVE-2003-0855 2 Charles Kerr, Redhat 3 Pan, Enterprise Linux, Linux 2026-04-16 N/A
Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address.
CVE-2003-0856 2 Redhat, Stephen Hemminger 3 Enterprise Linux, Linux, Iproute 2026-04-16 N/A
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.
CVE-2006-3955 1 Minibb 1 Minibb 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) news.php, (2) search.php, or (3) whosOnline.php.
CVE-2003-0857 1 Redhat 1 Enterprise Linux 2026-04-16 N/A
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-2006-3958 1 Pkr Internet 1 Taskjitsu 2026-04-16 N/A
Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system, or authenticated users via (2) the Edit Task system, (3) the back-end Category Editor system, and (4) "Pages that display task status, email addresses, URL, customer, and project information."
CVE-2002-0524 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
ASP-Nuke RC2 and earlier allows remote attackers to determine the absolute path of the server by (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments, which leak the pathname in an error message.