Search Results (361066 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2421 1 Beehive Forum 1 Beehive Forum 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php and other pages in Beehive Forum allow remote attackers to execute arbitrary SQL commands via the webtag parameter.
CVE-2004-2446 1 1st Class Internet Solutions 1 1st Class Mail Server 2026-04-16 N/A
Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors.
CVE-2005-2422 1 Beehive Forum 1 Beehive Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum allows remote attackers to inject arbitrary web script or HTML via the webtag parameter.
CVE-2004-0975 4 Gentoo, Mandrakesoft, Openssl and 1 more 6 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2026-04-16 N/A
The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-0976 2 Larry Wall, Redhat 2 Perl, Enterprise Linux 2026-04-16 N/A
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
CVE-2005-1470 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
CVE-2003-1297 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files.
CVE-2005-1473 1 Apple 1 Mac Os X 2026-04-16 N/A
SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field.
CVE-2005-1479 1 Jgs-xa 1 Jgs-portal 2026-04-16 N/A
SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-2423 1 Beehive Forum 1 Beehive Forum 2026-04-16 N/A
Beehive Forum allows remote attackers to obtain sensitive information via (1) an invalid final_uri or sort_by parameter to index.php or a direct request to (2) admin.php, (3) attachments.inc.php, (4) banned.inc.php, (5) beehive.inc.php, (6) constants.inc.php, (7) db.inc.php, (8) dictionary.inc.php or (9) search_index.php, which reveal the path in an error message.
CVE-2004-2453 1 Tutti Nova 1 Tutti Nova 2026-04-16 N/A
Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors.
CVE-2003-1306 1 Microsoft 1 Urlscan 2026-04-16 N/A
Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response.
CVE-2004-0980 3 Angus Mackay, Debian, Gentoo 3 Ez-ipupdate, Debian Linux, Linux 2026-04-16 N/A
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
CVE-2004-0981 5 Debian, Gentoo, Imagemagick and 2 more 5 Debian Linux, Linux, Imagemagick and 2 more 2026-04-16 N/A
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
CVE-2004-0984 1 Gnu 1 Mailutils 2026-04-16 N/A
Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges.
CVE-2005-2425 1 Ares 1 Fileshare 2026-04-16 N/A
Stack-based buffer overflow in Ares FileShare 1.1 allows remote attackers or local users to execute arbitrary code via a (1) long history parameter in the configuration file (ares.conf) or (2) long search string.
CVE-2004-0985 1 Microsoft 1 Ie 2026-04-16 N/A
Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help.
CVE-2005-1487 1 Fishnet 1 Fishcart 2026-04-16 N/A
Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) cartid parameter to upstnt.php or (2) psku parameter to display.php. NOTE: the vendor disputes this report, saying that they are forced SQL errors. The original researcher is known to be unreliable
CVE-2004-0988 1 Apple 1 Quicktime 2026-04-16 N/A
Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation.
CVE-2005-1491 2 Icewarp, Merak 2 Web Mail, Mail Server 2026-04-16 N/A
Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html.