Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0109 1 Suse 1 Suse Linux 2026-04-16 N/A
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
CVE-2004-1110 2 Gentoo, Jean-jacques Sarton 2 Linux, Mtink 2026-04-16 N/A
The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file.
CVE-2006-1555 1 Tachyon 1 Vsns Lemon 2026-04-16 N/A
VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and access password-protected articles by setting the vsns[topic_id] cookie to the targeted topic.
CVE-2006-1588 1 Netbsd 1 Netbsd 2026-04-16 N/A
The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
CVE-2001-0132 1 Trend Micro 1 Interscan Viruswall 2026-04-16 N/A
Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-0141 2 Gert Doering, Redhat 2 Mgetty, Linux 2026-04-16 N/A
mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2001-0151 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
CVE-2001-0201 1 Umut Gokbayrak 1 Postaci 2026-04-16 N/A
The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program.
CVE-2001-0208 1 Microfocus 1 Cobol 2026-04-16 N/A
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.
CVE-2001-0212 1 His 1 Auktion 2026-04-16 N/A
Directory traversal vulnerability in HIS Auktion 1.62 allows remote attackers to read arbitrary files via a .. (dot dot) in the menue parameter, and possibly execute commands via shell metacharacters.
CVE-2004-1129 1 Youngzsoft 1 Cmailserver 2026-04-16 N/A
SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.
CVE-2001-0220 2 Ja-elvis, Ko-helvis 2 Ja-elvis, Ko-helvis 2026-04-16 N/A
Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.
CVE-2001-0221 1 Freebsd 1 Ja-xklock 2026-04-16 N/A
Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges.
CVE-2004-1147 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2001-0259 1 Ssh 1 Ssh 2026-04-16 N/A
ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file.
CVE-2001-0282 1 Guido Frassetto 1 Sedum 2026-04-16 N/A
SEDUM 2.1 HTTP server allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.
CVE-2000-0440 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2026-04-16 N/A
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
CVE-2003-1108 1 Alcatel-lucent 1 Omnipcx 2026-04-16 N/A
The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
CVE-2005-4003 1 Asps 1 Shopping Cart 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Absolute Shopping Package Solutions (ASPS) Shopping Cart Professional 2.9d and earlier, and Lite 2.1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) srch_product_name parameter to adv_search.asp and (2) b_search parameter to bsearch.asp. NOTE: the original disclosure was specifically only for an XSS issue, but the CVE description was for SQL injection. Since the original disclosure, SQL injection vectors have been reported. This CVE might be REJECTed or significantly altered pending additional information.
CVE-2004-1403 1 Sir 1 Gnuboard 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the code.