Export limit exceeded: 362537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 20043 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362537 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0938 1 Cisco 1 Secure Access Control Server 2026-04-16 N/A
Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe.
CVE-2003-0280 1 Youngzsoft 1 Cmailserver 2026-04-16 N/A
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
CVE-2005-0385 1 Frank Mcingvale 1 Luxman 2026-04-16 N/A
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
CVE-2003-0282 3 Info-zip, Redhat, Sco 5 Unzip, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
CVE-2002-0946 1 Seanox 1 Devwex 2026-04-16 N/A
Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 allows remote attackers to read arbitrary files via ..\ (dot dot) sequences in an HTTP request.
CVE-2003-0283 1 Phorum 1 Phorum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail.
CVE-2003-0284 1 Adobe 1 Acrobat 2026-04-16 N/A
Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus.
CVE-2003-0287 1 Six Apart 1 Movable Type 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, and possibly other versions including 2.63, allows remote attackers to insert arbitrary web script or HTML via the Name textbox, possibly when the "Allow HTML in comments?" option is enabled.
CVE-2005-0396 2 Kde, Redhat 3 Dcopserver, Desktop Communication Protocol Daemon, Enterprise Linux 2026-04-16 N/A
Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
CVE-2003-0289 1 Cdrtools 1 Cdrecord 2026-04-16 N/A
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.
CVE-2003-0292 1 Inktomi 1 Inktomi Traffic-server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5.1 allows remote attackers to insert arbitrary web script or HTML into an error page that appears to come from the domain that the client is visiting, aka "Man-in-the-Middle" XSS.
CVE-2003-0294 1 Php-proxima 1 Php-proxima 2026-04-16 N/A
autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation.
CVE-2005-0397 2 Imagemagick, Redhat 2 Imagemagick, Enterprise Linux 2026-04-16 N/A
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.
CVE-2003-0296 1 Ximian 1 Evolution 2026-04-16 N/A
The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
CVE-2005-0398 6 Altlinux, Ipsec-tools, Kame and 3 more 7 Alt Linux, Ipsec-tools, Racoon and 4 more 2026-04-16 N/A
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
CVE-2005-0400 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.
CVE-2002-0978 1 Microsoft 1 File Transfer Manager 2026-04-16 N/A
Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function.
CVE-2003-0300 8 Microsoft, Mozilla, Mutt and 5 more 8 Outlook Express, Mozilla, Mutt and 5 more 2026-04-16 N/A
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
CVE-2003-0303 1 Oneorzero 1 Oneorzero Helpdesk 2026-04-16 N/A
SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter.
CVE-2003-0304 1 Oneorzero 1 Oneorzero Helpdesk 2026-04-16 N/A
one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script.