Export limit exceeded: 362723 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362723 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0702 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages. | ||||
| CVE-2003-1098 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. | ||||
| CVE-2005-2142 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command. | ||||
| CVE-2005-0701 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename. | ||||
| CVE-2003-1097 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. | ||||
| CVE-2002-2044 | 1 Xqus | 1 X-stat | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action. | ||||
| CVE-2003-1096 | 1 Cisco | 1 Leap | 2026-04-16 | N/A |
| The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks. | ||||
| CVE-2005-4843 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The SmartConnect Class control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. | ||||
| CVE-2002-1583 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | N/A |
| Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. | ||||
| CVE-2003-0774 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2026-04-16 | N/A |
| saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed. | ||||
| CVE-2002-1594 | 2 Grpck, Pwck | 2 Grpck, Pwck | 2026-04-16 | N/A |
| Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument. | ||||
| CVE-2003-0776 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2026-04-16 | N/A |
| saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. | ||||
| CVE-2005-0604 | 1 Gfi | 1 Languard Network Security Scanner | 2026-04-16 | N/A |
| lnss.exe in GFI Languard Network Security Scanner 5.0 stores the username and password in memory in plaintext, which could allow local administrators to obtain domain administrator credentials. | ||||
| CVE-2003-0785 | 1 Brian Bassett | 1 Ipmasq | 2026-04-16 | N/A |
| ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering. | ||||
| CVE-2005-0616 | 1 Postnuke Software Foundation | 1 Postnuke Phoenix | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables. | ||||
| CVE-2003-0787 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges. | ||||
| CVE-2003-0794 | 1 Gnome | 1 Gdm | 2026-04-16 | N/A |
| GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results. | ||||
| CVE-2005-0621 | 1 Enlight Software | 1 Scrapland | 2026-04-16 | N/A |
| Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets. | ||||
| CVE-2003-0796 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled. | ||||
| CVE-2005-0622 | 1 Raidenhttpd | 1 Raidenhttpd | 2026-04-16 | N/A |
| RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing (1) . (dot) or (2) space. | ||||