Export limit exceeded: 363849 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363849 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0250 1 Ibm 1 Aix 2026-04-16 N/A
Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.
CVE-2005-0252 1 Guillaumegardey 1 Biborb 2026-04-16 N/A
SQL injection vulnerability in BibORB 1.3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password.
CVE-2003-1549 1 Myabracadaweb 1 Myabracadaweb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.
CVE-2004-1685 1 Smc Networks 2 Smc7004vwbr, Smc7008abr 2026-04-16 N/A
SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages.
CVE-2004-1683 1 Qnx 1 Rtos 2026-04-16 N/A
A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap.
CVE-2004-1679 1 Jigunet 2 Twinftp Enterprise, Twinftp Standard 2026-04-16 N/A
Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ (triple dot) in the (1) CWD, (2) STOR, or (3) RETR commands.
CVE-2004-1678 1 Logicnow 1 Perldesk 2026-04-16 N/A
Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.
CVE-2004-1669 2 Icewarp, Merak 2 Web Mail, Mail Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to execute arbitrary web script or HTML via the (1) User name parameter to accountsettings.html or (2) Search string parameter to search.html.
CVE-2004-1656 1 Comersus Open Technologies 1 Comersus Cart 2026-04-16 N/A
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter.
CVE-2003-1545 2 Nukestyles, Phpnuke 2 Viewpage, Nukestyles Viewpage Module 2026-04-16 N/A
Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addon.
CVE-2004-1650 1 D-link 1 Dcs-900 Internet Camera 2026-04-16 N/A
D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the IP address of the camera via a UDP broadcast packet.
CVE-2004-1649 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future.
CVE-2003-1544 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded.
CVE-2004-1644 1 Jerod Moemeka 1 Xedus 2026-04-16 N/A
Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address.
CVE-2004-1633 1 Mozilla 1 Bugzilla 2026-04-16 N/A
process_bug.cgi in Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS does not check edit permissions on the keywords field, which allows remote authenticated users to modify the keywords in a bug via the keywordaction parameter.
CVE-2004-1629 1 Distinct Web Creations 1 Dwc Articles 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Dwc_articles 1.6 and earlier allow remote attackers to execute arbitrary SQL statements.
CVE-2006-5002 1 Ibm 1 Inventory Scout 2026-04-16 N/A
Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 through 2.2.0.9 (invscoutClient_VPD_Survey) allows attackers to overwrite arbitrary files via unspecified vectors.
CVE-2006-5001 2 Ipswitch, Progress 2 Ws Ftp Server, Ws Ftp Server 2026-04-16 N/A
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.
CVE-2004-1621 1 Ibm 1 Lotus Domino 2026-04-16 N/A
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature
CVE-2006-4996 1 Joomla 1 Joomlalib 2026-04-16 N/A
Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 for Joomla! allows remote attackers to have an unknown impact, related to "Joomla globals hacked by script kiddies."