Export limit exceeded: 362537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20043 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 362537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362537 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0938 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. | ||||
| CVE-2003-0280 | 1 Youngzsoft | 1 Cmailserver | 2026-04-16 | N/A |
| Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. | ||||
| CVE-2005-0385 | 1 Frank Mcingvale | 1 Luxman | 2026-04-16 | N/A |
| Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument. | ||||
| CVE-2003-0282 | 3 Info-zip, Redhat, Sco | 5 Unzip, Enterprise Linux, Linux and 2 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. | ||||
| CVE-2002-0946 | 1 Seanox | 1 Devwex | 2026-04-16 | N/A |
| Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 allows remote attackers to read arbitrary files via ..\ (dot dot) sequences in an HTTP request. | ||||
| CVE-2003-0283 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail. | ||||
| CVE-2003-0284 | 1 Adobe | 1 Acrobat | 2026-04-16 | N/A |
| Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. | ||||
| CVE-2003-0287 | 1 Six Apart | 1 Movable Type | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, and possibly other versions including 2.63, allows remote attackers to insert arbitrary web script or HTML via the Name textbox, possibly when the "Allow HTML in comments?" option is enabled. | ||||
| CVE-2005-0396 | 2 Kde, Redhat | 3 Dcopserver, Desktop Communication Protocol Daemon, Enterprise Linux | 2026-04-16 | N/A |
| Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process." | ||||
| CVE-2003-0289 | 1 Cdrtools | 1 Cdrecord | 2026-04-16 | N/A |
| Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter. | ||||
| CVE-2003-0292 | 1 Inktomi | 1 Inktomi Traffic-server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5.1 allows remote attackers to insert arbitrary web script or HTML into an error page that appears to come from the domain that the client is visiting, aka "Man-in-the-Middle" XSS. | ||||
| CVE-2003-0294 | 1 Php-proxima | 1 Php-proxima | 2026-04-16 | N/A |
| autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. | ||||
| CVE-2005-0397 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2026-04-16 | N/A |
| Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications. | ||||
| CVE-2003-0296 | 1 Ximian | 1 Evolution | 2026-04-16 | N/A |
| The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. | ||||
| CVE-2005-0398 | 6 Altlinux, Ipsec-tools, Kame and 3 more | 7 Alt Linux, Ipsec-tools, Racoon and 4 more | 2026-04-16 | N/A |
| The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. | ||||
| CVE-2005-0400 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | ||||
| CVE-2002-0978 | 1 Microsoft | 1 File Transfer Manager | 2026-04-16 | N/A |
| Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function. | ||||
| CVE-2003-0300 | 8 Microsoft, Mozilla, Mutt and 5 more | 8 Outlook Express, Mozilla, Mutt and 5 more | 2026-04-16 | N/A |
| The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | ||||
| CVE-2003-0303 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2026-04-16 | N/A |
| SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter. | ||||
| CVE-2003-0304 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2026-04-16 | N/A |
| one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script. | ||||