Export limit exceeded: 365164 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3585 1 Phpwebthings 1 Phpwebthings 2026-04-16 N/A
SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter.
CVE-2002-0523 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie.
CVE-2002-1419 1 Sgi 1 Irix 2026-04-16 N/A
The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address.
CVE-2005-0294 1 Minis 1 Minis 2026-04-16 N/A
minis.php in Minis 0.2.1 allows remote attackers to cause a denial of service (infinite loop) via an HTTP request for a file that the web server does not have permission to read, as demonstrated using the month parameter.
CVE-2005-0300 1 Jsboard 1 Jsboard 2026-04-16 N/A
Directory traversal vulnerability in session.php in JSBoard 2.0.9 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the table parameter.
CVE-2002-0528 1 Watchguard 1 Soho Firewall 2026-04-16 N/A
Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP restrictions for customized services that were set before the administrator upgrades to 5.0.35, which could allow remote attackers to bypass the intended access control rules.
CVE-2005-2939 1 Vmware 1 Workstation 2026-04-16 N/A
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.
CVE-2002-1421 1 Ilia Alshanetsky 1 Fudforum 2026-04-16 N/A
SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php.
CVE-2002-1422 1 Ilia Alshanetsky 1 Fudforum 2026-04-16 N/A
admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters.
CVE-2005-2943 1 Davide Libenzi 1 Xmail 2026-04-16 N/A
Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.
CVE-2002-2220 1 Chetcpasswd 1 Chetcpasswd 2026-04-16 N/A
Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors.
CVE-2002-0542 1 Openbsd 1 Openbsd 2026-04-16 N/A
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
CVE-2002-1426 1 Hp 1 Procurve Switch 4000m 2026-04-16 N/A
HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.
CVE-2005-3595 1 Microsoft 1 Windows Xp 2026-04-16 N/A
By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer.
CVE-2005-2955 1 Adaptive Technology Resource Centre 1 Atutor 2026-04-16 N/A
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, .php4, or others.
CVE-2002-0544 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.
CVE-2005-2957 1 Avira 1 Desktop 2026-04-16 N/A
Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive.
CVE-2002-0573 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.
CVE-2003-0447 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated.
CVE-2005-0411 1 Citrusdb 1 Citrusdb 2026-04-16 N/A
Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attackers and local users to include arbitrary PHP files via .. (dot dot) sequences in the load parameter.