Export limit exceeded: 29917 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29917 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2101 | 1 Kde | 1 Kde | 2026-04-16 | N/A |
| langen2kvtml in KDE 3.0 to 3.4.2 creates insecure temporary files in /tmp with predictable names, which allows local users to overwrite arbitrary files. | ||||
| CVE-2005-3837 | 1 Scssboard | 1 Scssboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the search module in sCssBoard 1.2 and 1.12, and earlier versions, allows remote attackers to inject arbitrary web script or HTML via the search_term parameter. | ||||
| CVE-2002-1736 | 1 Markus Triska | 1 Cginews | 2026-04-16 | N/A |
| Unknown vulnerability in CGINews before 1.06 allow remote attackers to read arbitrary files via "unfiltered user input." | ||||
| CVE-2005-2126 | 1 Microsoft | 4 Ie, Windows 2000, Windows 2003 Server and 1 more | 2026-04-16 | N/A |
| The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames. | ||||
| CVE-2002-1738 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaemon mail account with a password of MServer, which could allow remote attackers to send anonymous email. | ||||
| CVE-2005-2149 | 1 The Cacti Group | 1 Cacti | 2026-04-16 | N/A |
| config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks. | ||||
| CVE-2000-0404 | 1 Microsoft | 5 Terminal Server, Windows 2000, Windows 95 and 2 more | 2026-04-16 | N/A |
| The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. | ||||
| CVE-2005-3839 | 1 Supportpro | 1 Supportdesk | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk allows remote attackers to inject arbitrary web script or HTML via the (1) post tickers and (2) view tickets options. | ||||
| CVE-2000-0416 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. | ||||
| CVE-2005-2170 | 1 Ibm | 1 Tivoli Management Framework | 2026-04-16 | N/A |
| The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data. | ||||
| CVE-2005-2179 | 1 Jaws | 1 Jaws | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in BlogModel.php in Jaws 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via the path parameter. | ||||
| CVE-2004-1448 | 1 Jetbox | 1 Jetbox One Cms | 2026-04-16 | N/A |
| Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code. | ||||
| CVE-2005-3401 | 1 Thehacker | 1 Thehacker | 2026-04-16 | N/A |
| Multiple interpretation error in TheHacker 5.8.4.128 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | ||||
| CVE-2005-2191 | 1 Comersus Open Technologies | 1 Comersus Cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to comersus_backoffice_listAssignedPricesToCustomer.asp or (2) message parameter to comersus_backoffice_message.asp. | ||||
| CVE-2005-2197 | 1 Id Board | 1 Id Board | 2026-04-16 | N/A |
| SQL injection vulnerability in sql.cls.php in Id Board 1.1.3 allows remote attackers to modify SQL queries, as demonstrated using the f parameter to index.php. | ||||
| CVE-2005-2198 | 1 Spid | 1 Spid | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in lang.php in SPiD before 1.3.1 allows remote attackers to execute arbitrary code via the lang_path parameter. | ||||
| CVE-2002-1755 | 1 Tinc | 1 Tinc | 2026-04-16 | N/A |
| tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC. | ||||
| CVE-2005-3405 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbitrary PHP functions via a direct request to forum.inc.php with a modified addslashes parameter with either the (1) asc or (2) desc parameters set, possibly due to an eval injection vulnerability. | ||||
| CVE-2005-3413 | 1 Eyeos Project | 1 Eyeos | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the motd parameter. | ||||
| CVE-2005-2264 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL. | ||||