Export limit exceeded: 29911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3572 | 1 Papoo | 1 Papoo | 2026-04-16 | N/A |
| SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and earlier allows remote attackers to execute arbitrary SQL commands via the msgid parameter. | ||||
| CVE-2003-0507 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash. | ||||
| CVE-2003-0509 | 1 Cyberstrong | 1 Eshop | 2026-04-16 | N/A |
| SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp. | ||||
| CVE-2003-0511 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL. | ||||
| CVE-2003-0510 | 1 Ezbounce | 1 Ezbounce | 2026-04-16 | N/A |
| Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the "sessions" command. | ||||
| CVE-2003-0515 | 1 Teapop | 1 Teapop | 2026-04-16 | N/A |
| SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges. | ||||
| CVE-2003-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. | ||||
| CVE-2003-0516 | 1 Gert Doering | 1 Mgetty | 2026-04-16 | N/A |
| cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings. | ||||
| CVE-2006-3578 | 1 Fujitsu | 1 Serverview | 2026-04-16 | N/A |
| Directory traversal vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2005-0637 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. | ||||
| CVE-2005-0638 | 4 Altlinux, Redhat, Suse and 1 more | 4 Alt Linux, Enterprise Linux, Suse Linux and 1 more | 2026-04-16 | N/A |
| xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command. | ||||
| CVE-2003-0537 | 1 Daiki Ueno | 1 Liece Emacs Irc Client | 2026-04-16 | N/A |
| The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users. | ||||
| CVE-2006-3585 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 SR1 allow remote attackers to inject arbitrary web script or HTML via the (1) login parameter in admin/cms/index.php, (2) unspecified parameters in the "Supply news" page in formmail.php, (3) the URL in the "Site statistics" page, and the (5) query_string parameter when performing a search. | ||||
| CVE-2005-0647 | 1 Php Arena | 1 Panews | 2026-04-16 | N/A |
| admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php. | ||||
| CVE-2003-0559 | 1 Phpforum | 1 Phpforum | 2026-04-16 | N/A |
| mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2003-0558 | 1 Leapware | 1 Leapftp | 2026-04-16 | N/A |
| Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request. | ||||
| CVE-2003-0555 | 1 Imagemagick | 1 Imagemagick | 2026-04-16 | N/A |
| ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability. | ||||
| CVE-2005-2636 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2026-04-16 | N/A |
| SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter. | ||||
| CVE-2006-3586 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to execute arbitrary SQL commands via the (1) frontsession COOKIE parameter and (2) view parameter in index.php, and the (3) login parameter in admin/cms/index.php. | ||||
| CVE-2003-0577 | 1 Mpg123 | 1 Mpg123 | 2026-04-16 | N/A |
| mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size. | ||||