Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0151 | 1 Xintercepttalk | 1 Xitalk | 2026-04-16 | N/A |
| Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands. | ||||
| CVE-2004-0160 | 1 Synaesthesia | 1 Synaesthesia | 2026-04-16 | N/A |
| Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file. | ||||
| CVE-2004-0162 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2026-04-16 | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients. | ||||
| CVE-2004-0169 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function. | ||||
| CVE-2004-0171 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2026-04-16 | N/A |
| FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. | ||||
| CVE-2005-4659 | 1 Ipcop | 1 Ipcop | 2026-04-16 | N/A |
| IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from this backup. | ||||
| CVE-2006-0215 | 1 Qualityebiz | 1 Quality Ppc | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. NOTE: this issue might be resultant from CVE-2006-0216. | ||||
| CVE-2006-0217 | 1 Ultimate Auction | 1 Ultimate Auction | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ultimate Auction 3.67 allow remote attackers to inject arbitrary web script or HTML via the (1) item parameter in item.pl and (2) category parameter in itemlist.pl, which reflects the XSS in an error message. NOTE: the affected version might be wrong since the current version as of 20060116 is 3.6.1. | ||||
| CVE-2006-2876 | 1 Deltascripts | 1 Php Pro Publish | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2877 | 1 Sangwan Kim | 1 Bookmark4u | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php. NOTE: it has been reported that the inc directory is protected by a .htaccess file, so this issue only applies in certain environments or configurations. | ||||
| CVE-2006-3166 | 1 Free Realty | 1 Free Realty | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in propview.php in Free Realty 2.9-0.6 and earlier allows remote attackers to execute arbitrary web script or HTML via the sort parameter. | ||||
| CVE-2006-3168 | 1 Comscripts | 1 Cs-forum | 2026-04-16 | N/A |
| SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php. | ||||
| CVE-2006-3169 | 1 Comscripts | 1 Cs-forum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CS-Forum 0.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) msg_result and (2) rep_titre parameters in (a) read.php; and the (3) id and (4) parent parameters and (5) CSForum_nom, (6) CSForum_mail, and (7) CSForum_url cookie parameters in (b) ajouter.php. | ||||
| CVE-2002-1493 | 1 Lycos | 1 Htmlgear Guestgear | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag. | ||||
| CVE-2006-3170 | 1 Comscripts | 1 Cs-forum | 2026-04-16 | N/A |
| CS-Forum before 0.82 allows remote attackers to obtain sensitive information via unspecified manipulations, possibly involving an empty collapse[] or readall parameter to index.php, which reveals the installation path in an error message. | ||||
| CVE-2002-1610 | 1 Hp | 2 Hp-ux, Tru64 | 2026-04-16 | N/A |
| Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service. | ||||
| CVE-2005-2271 | 1 Alexander Clauss | 1 Icab | 2026-04-16 | N/A |
| iCab 2.9.8 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability." | ||||
| CVE-2006-3177 | 1 Bible Portal Project | 1 Bible Portal Project | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Admin/rtf_parser.php in The Bible Portal Project 2.12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the destination parameter. | ||||
| CVE-2002-1518 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories. | ||||
| CVE-2002-1521 | 1 Mdg Computer Services | 1 Web Server 4d | 2026-04-16 | N/A |
| Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges. | ||||