Export limit exceeded: 360758 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360758 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360758 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360758 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2466 | 1 Openbook | 1 Openbook | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the auth_user function in admin.php in OpenBook 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. | ||||
| CVE-2004-1855 | 1 Mythic Entertainment | 1 Dark Age Of Camelot | 2026-04-16 | N/A |
| Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack. | ||||
| CVE-2004-1857 | 1 Hp | 1 Web Jetadmin | 2026-04-16 | N/A |
| Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter. | ||||
| CVE-2005-3748 | 1 Tru-zone | 1 Nukeet | 2026-04-16 | N/A |
| SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the query parameter. | ||||
| CVE-2004-1864 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php. | ||||
| CVE-2004-1866 | 1 Nstx | 1 Ip Over Dns Utility | 2026-04-16 | N/A |
| nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a denial of service (crash) via a large packet, which triggers a null dereference. | ||||
| CVE-2005-3749 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack vectors. | ||||
| CVE-2005-2477 | 1 Naxtor | 1 Shopping Cart | 2026-04-16 | N/A |
| shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability. | ||||
| CVE-2004-1876 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name. | ||||
| CVE-2004-1888 | 1 Aborior | 1 Encore Web Forum | 2026-04-16 | N/A |
| display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable. | ||||
| CVE-2005-2481 | 1 Macromedia | 1 Coldfusion Fusebox | 2026-04-16 | N/A |
| ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" (question mark) character. | ||||
| CVE-2005-3483 | 2 Graphon, Microsoft | 2 Go-global, Windows | 2026-04-16 | N/A |
| Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size. | ||||
| CVE-2004-1889 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows. | ||||
| CVE-2005-2483 | 1 Karrigell | 1 Karrigell | 2026-04-16 | N/A |
| Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script. | ||||
| CVE-2002-1850 | 1 Apache | 1 Http Server | 2026-04-16 | 7.5 High |
| mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script. | ||||
| CVE-2005-2495 | 2 Redhat, Xfree86 Project | 2 Enterprise Linux, Xfree86 | 2026-04-16 | N/A |
| Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image. | ||||
| CVE-2005-3490 | 1 Asus | 1 Video Security Online | 2026-04-16 | N/A |
| Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL. | ||||
| CVE-2004-1915 | 1 Lcdproc | 1 Lcdproc | 2026-04-16 | N/A |
| Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote attackers to execute arbitrary code via a large number of arguments. | ||||
| CVE-2005-2499 | 2 Redhat, Slocate | 2 Enterprise Linux, Slocate | 2026-04-16 | N/A |
| slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure. | ||||
| CVE-2004-1916 | 1 Lcdproc | 1 Lcdproc | 2026-04-16 | N/A |
| Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x versions up to 0.4.4, allows remote attackers to execute arbitrary code via (1) a long invalid command to parse_all_client_messages function, or (2) long argv command to test_func_func function. | ||||