Export limit exceeded: 365164 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3585 | 1 Phpwebthings | 1 Phpwebthings | 2026-04-16 | N/A |
| SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | ||||
| CVE-2002-0523 | 1 Asp-nuke | 1 Asp-nuke | 2026-04-16 | N/A |
| ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie. | ||||
| CVE-2002-1419 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address. | ||||
| CVE-2005-0294 | 1 Minis | 1 Minis | 2026-04-16 | N/A |
| minis.php in Minis 0.2.1 allows remote attackers to cause a denial of service (infinite loop) via an HTTP request for a file that the web server does not have permission to read, as demonstrated using the month parameter. | ||||
| CVE-2005-0300 | 1 Jsboard | 1 Jsboard | 2026-04-16 | N/A |
| Directory traversal vulnerability in session.php in JSBoard 2.0.9 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the table parameter. | ||||
| CVE-2002-0528 | 1 Watchguard | 1 Soho Firewall | 2026-04-16 | N/A |
| Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP restrictions for customized services that were set before the administrator upgrades to 5.0.35, which could allow remote attackers to bypass the intended access control rules. | ||||
| CVE-2005-2939 | 1 Vmware | 1 Workstation | 2026-04-16 | N/A |
| Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder. | ||||
| CVE-2002-1421 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php. | ||||
| CVE-2002-1422 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters. | ||||
| CVE-2005-2943 | 1 Davide Libenzi | 1 Xmail | 2026-04-16 | N/A |
| Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option. | ||||
| CVE-2002-2220 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | N/A |
| Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2002-0542 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron. | ||||
| CVE-2002-1426 | 1 Hp | 1 Procurve Switch 4000m | 2026-04-16 | N/A |
| HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. | ||||
| CVE-2005-3595 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer. | ||||
| CVE-2005-2955 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, .php4, or others. | ||||
| CVE-2002-0544 | 1 Aprelium Technologies | 1 Abyss Web Server | 2026-04-16 | N/A |
| Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges. | ||||
| CVE-2005-2957 | 1 Avira | 1 Desktop | 2026-04-16 | N/A |
| Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive. | ||||
| CVE-2002-0573 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. | ||||
| CVE-2003-0447 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated. | ||||
| CVE-2005-0411 | 1 Citrusdb | 1 Citrusdb | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attackers and local users to include arbitrary PHP files via .. (dot dot) sequences in the load parameter. | ||||