Export limit exceeded: 361712 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1106 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks.
CVE-2002-1115 1 Mantis 1 Mantis 2026-04-16 N/A
Mantis 0.17.4a and earlier allows remote attackers to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php.
CVE-1999-0375 1 Network Flight Recorder 1 Network Flight Recorder 2026-04-16 N/A
Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands.
CVE-2001-0397 1 Silent Runner 1 Silent Runner Collector Src 2026-04-16 N/A
Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long SMTP HELO command.
CVE-2005-1395 1 Swlink 1 Ce Ceterm 2026-04-16 N/A
Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may allow local users to gain privileges via a long (1) XAPPLRESLANGPATH or (2) XAPPLRESDIR environment variable, or (3) command line argument.
CVE-2006-3723 1 Oracle 1 Peoplesoft Enterprise 2026-04-16 N/A
Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle PeopleSoft Enterprise Portal 8.8 with Enforcer Portal Pack Bundle #10 and 8.9 Bundle #3 has unknown impact and attack vectors, aka Oracle Vuln# PSE02.
CVE-2002-1118 1 Oracle 2 Oracle8i, Oracle9i 2026-04-16 N/A
TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command.
CVE-2001-0400 1 Matt Tourtillott 1 Nph-maillist 2026-04-16 N/A
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.
CVE-2005-1404 1 Myphp Forum 1 Myphp Forum 2026-04-16 N/A
MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php.
CVE-1999-0417 1 Sun 1 Sunos 2026-04-16 N/A
64 bit Solaris 7 procfs allows local users to perform a denial of service.
CVE-2001-1295 1 Grant Averett 1 Cerberus Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command.
CVE-2002-1271 1 Perl-mailtools 1 Perl-mailtools 2026-04-16 N/A
The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx.
CVE-2002-1279 1 Masqmail 1 Masqmail 2026-04-16 N/A
Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, and 0.2.x before 0.2.15, allow local users to gain privileges via certain entries in the configuration file (-C option).
CVE-2005-0532 1 Linux 1 Linux Kernel 2026-04-16 N/A
The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types.
CVE-2005-0565 1 Phpwebsite 1 Phpwebsite 2026-04-16 N/A
The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PHP code by setting the Image field to reference a PHP file whose name contains a .gif.php extension.
CVE-2002-1476 1 Netbsd 1 Netbsd 2026-04-16 N/A
Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh.
CVE-2002-1152 2 Kde, Redhat 2 Kde, Linux 2026-04-16 N/A
Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, which could cause Konqueror to send the cookie across an unencrypted channel, which could allow remote attackers to steal the cookie via sniffing.
CVE-2005-0571 1 Punbb 1 Punbb 2026-04-16 N/A
admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitrary files via the plugin parameter.
CVE-2005-3547 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) adsess, (2) name, and (3) description parameters in admin.php, and the (4) ACP Notes, (5) Member Name, (6) Password, (7) Email Address, (8) Components, and multiple other input fields.
CVE-2002-1383 3 Apple, Easy Software Products, Redhat 3 Mac Os X, Cups, Linux 2026-04-16 N/A
Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun.