Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1407 1 Skype Technologies 1 Skype 2026-04-16 N/A
Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application.
CVE-2005-1408 1 Apple 1 Keynote 2026-04-16 N/A
Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation.
CVE-2002-1022 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.
CVE-2005-1448 1 S9y 1 Serendipity 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-3262 1 Rarlab 1 Winrar 2026-04-16 N/A
Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename.
CVE-2005-3696 1 Arki-db 1 Arki-db 2026-04-16 N/A
SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php.
CVE-2002-1629 1 Multi-tech 1 Proxyserver 2026-04-16 N/A
Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP.
CVE-2005-1464 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (infinite loop).
CVE-2005-3270 1 Symantec 1 Norton Antivirus 2026-04-16 N/A
Untrusted search path vulnerability in DiskMountNotify for Symantec Norton AntiVirus 9.0.3 allows local users to gain privileges by modifying the PATH to reference a malicious (1) ps or (2) grep file.
CVE-2002-1031 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.
CVE-2002-1631 1 Oracle 1 Application Server 2026-04-16 N/A
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql parameter.
CVE-2002-1032 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header.
CVE-2004-0042 1 Beasts 1 Vsftpd 2026-04-16 N/A
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.
CVE-2002-1040 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVE-2002-1048 1 Hp 1 Jetdirect 2026-04-16 N/A
HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.
CVE-2004-0054 1 Cisco 1 Ios 2026-04-16 N/A
Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
CVE-2005-1465 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop).
CVE-2005-1483 1 Interspire 1 Articlelive 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the (1) Query, (2) Username, (3) LastName, (4) Biography, or (5) BlogId parameter.
CVE-2005-1499 1 Mywebland 1 Mybloggie 2026-04-16 N/A
delcomment.php in myBloggie 2.1.1 allows remote attackers to delete arbitrary comments by modifying the comment_id parameter.
CVE-2005-3708 1 Apple 1 Quicktime 2026-04-16 N/A
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.