Export limit exceeded: 360033 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360033 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0480 | 1 Alex Linde | 1 Alexs Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands. | ||||
| CVE-1999-0596 | 2026-04-16 | N/A | ||
| A Windows NT log file has an inappropriate maximum size or retention period. | ||||
| CVE-2001-0481 | 1 Mandrakesoft | 1 Mandrake Linux | 2026-04-16 | N/A |
| Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling. | ||||
| CVE-2005-1681 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php. | ||||
| CVE-1999-0604 | 1 Selena Sol | 1 Selena Sol Webstore | 2026-04-16 | N/A |
| An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information. | ||||
| CVE-1999-0608 | 1 Pdgsoft | 1 Pdg Shopping Cart | 2026-04-16 | N/A |
| An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information. | ||||
| CVE-2002-0070 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2026-04-16 | N/A |
| Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. | ||||
| CVE-2005-3006 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames. | ||||
| CVE-2002-1238 | 1 Peter Sandvik | 1 Simple Web Server | 2026-04-16 | N/A |
| Peter Sandvik's Simple Web Server 0.5.1 and earlier allows remote attackers to bypass access restrictions for files via an HTTP request with a sequence of multiple / (slash) characters such as http://www.example.com///file/. | ||||
| CVE-2005-3007 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content. | ||||
| CVE-2005-3008 | 1 Amar Sagoo | 1 Tofu | 2026-04-16 | N/A |
| Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes. | ||||
| CVE-2002-0621 | 1 Microsoft | 1 Commerce Server | 2026-04-16 | N/A |
| Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer. | ||||
| CVE-2002-1928 | 1 Software602 | 1 602pro Lan Suite | 2026-04-16 | N/A |
| 602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or ".bak" extension. | ||||
| CVE-2005-3648 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php. | ||||
| CVE-2005-0521 | 1 Sendlink | 1 Sendlink | 2026-04-16 | N/A |
| SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privileges. | ||||
| CVE-2005-3010 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php. | ||||
| CVE-2005-0526 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 allow remote attackers to inject arbitrary web script or HTML via (1) the search string to search.php, (2) the subject of a PM, which is processed by pm.php, or (3) the body of a PM, which is processed by pmpshow.php. | ||||
| CVE-2005-3018 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL. | ||||
| CVE-2002-1262 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files. | ||||
| CVE-2002-1271 | 1 Perl-mailtools | 1 Perl-mailtools | 2026-04-16 | N/A |
| The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx. | ||||