Export limit exceeded: 45835 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29913 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29913 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0480 | 1 Trackercam | 1 Trackercam | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier allows remote attackers to inject arbitrary HTML or web script via the login request, which is recorded in a log file but not properly handled when the administrator views the log file. | ||||
| CVE-2002-1439 | 1 Hp | 2 Virtualvault, Vvos | 2026-04-16 | N/A |
| Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files. | ||||
| CVE-2002-1440 | 1 Gateway | 1 Gs-400 | 2026-04-16 | N/A |
| The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges. | ||||
| CVE-2005-2996 | 1 Symantec Veritas | 2 Storage Exec, Storagecentral | 2026-04-16 | N/A |
| Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls. | ||||
| CVE-2005-3001 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | ||||
| CVE-2005-3004 | 1 Interakt | 1 Mx Shop | 2026-04-16 | N/A |
| SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_prd parameters to the pages module in index.php. | ||||
| CVE-2006-0383 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions". | ||||
| CVE-2006-2634 | 1 Neocrome | 1 Seditio | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer field. | ||||
| CVE-2006-0387 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. | ||||
| CVE-2006-0389 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. | ||||
| CVE-2005-3933 | 1 88script | 1 88script Event Calendar | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in 88Script's Event Calendar 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter. | ||||
| CVE-2006-0778 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) $u2u_select array parameter to u2u.inc.php and (2) $val variable (fidpw0 cookie value) in today.php. | ||||
| CVE-2006-0780 | 1 Perlblog | 1 Perlblog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in PerlBlog 1.09b and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) email parameters. | ||||
| CVE-2006-0781 | 1 Perlblog | 1 Perlblog | 2026-04-16 | N/A |
| Directory traversal vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to read certain files via the month parameter. | ||||
| CVE-2005-3995 | 1 Sobexsrv | 1 Sobexsrv | 2026-04-16 | N/A |
| Format string vulnerability in the dosyslog function in the OBEX server (obexsrv.c) for Sobexsrv before 1.0.0-pre4, when the syslog (-S) function is enabled, allows remote attackers to execute arbitrary code via format string specifiers in file name arguments to OBEX commands. | ||||
| CVE-2006-0782 | 1 Perlblog | 1 Perlblog | 2026-04-16 | N/A |
| Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of (1) the reply parameter, possibly involving injection of (2) the name parameter and (3) the body parameter. | ||||
| CVE-2006-2642 | 1 Php-residence | 1 Php-residence | 2026-04-16 | N/A |
| ** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in Marco M. F. De Santis Php-residence 0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via "any of its input." NOTE: the original disclosure is based on vague researcher claims without vendor acknowledgement; therefore this identifier cannot be linked with any future identifier that identifies more specific vectors. Perhaps this should not be included in CVE. | ||||
| CVE-2006-0775 | 1 Ridder Roeland | 1 Birthsys | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 allow remote attackers to execute arbitrary SQL commands via the $month variable. NOTE: a vector regarding the $date parameter and data.php (date.php) was originally reported, but this appears to be in error. | ||||
| CVE-2005-4004 | 1 Infinetsoftware | 1 Mytemplatesite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in MyTemplateSite 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2006-2647 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. | ||||