Export limit exceeded: 350525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 350525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 350525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350525 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2306 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. | ||||
| CVE-2005-2083 | 1 Truenorth Software | 1 Ia Emailserver | 2026-04-16 | N/A |
| Format string vulnerability in IMAP4 in IA eMailServer Corporate Edition 5.2.2 build 1051 allows remote attackers to cause a denial of service (application crash) via a LIST command with format string specifiers as the second argument. | ||||
| CVE-2004-2316 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2026-04-16 | N/A |
| Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to cause a denial of service (crash) via a GET request containing an MS-DOS device name such as COM1. | ||||
| CVE-2002-0775 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter. | ||||
| CVE-2002-0780 | 1 Novell | 1 Bordermanager | 2026-04-16 | N/A |
| IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND. | ||||
| CVE-2004-2317 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2026-04-16 | N/A |
| Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 allows remote attackers to obtain sensitive information via a user message that is generated when Mbedthis denies access. | ||||
| CVE-2006-2974 | 1 Emailarchitect | 1 Email Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp. | ||||
| CVE-2006-2977 | 1 Mafia Moblog | 1 Mafia Moblog | 2026-04-16 | N/A |
| SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and earlier allows remote attackers to execute arbitrary SQL commands via the img parameter. | ||||
| CVE-2006-2978 | 1 Mafia Moblog | 1 Mafia Moblog | 2026-04-16 | N/A |
| Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error message via a direct request to (1) big.php and (2) upgrade.php. | ||||
| CVE-2004-2334 | 1 Emumail | 1 Emu Webmail | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via (1) a hex-encoded value to the variable parameter in emumail.fcgi, (2) the folder parameter in emumail.fcgi, or Javascript in the (3) username or (4) password field in the login page. | ||||
| CVE-2002-0817 | 1 William Deich | 1 Super | 2026-04-16 | N/A |
| Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2002-0821 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector. | ||||
| CVE-2006-2980 | 1 Viart Ltd | 1 Viart Shop Free | 2026-04-16 | N/A |
| SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter. | ||||
| CVE-2002-0876 | 1 Evolvable Corporation | 1 Shambala Server | 2026-04-16 | N/A |
| Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request. | ||||
| CVE-2006-2982 | 1 Enterprise Payroll Systems | 1 Enterprise Payroll Systems | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in (1) footer.php and (2) admin/footer.php. | ||||
| CVE-2002-0837 | 2 Redhat, Wordtrans | 2 Linux, Wordtrans-web | 2026-04-16 | N/A |
| wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remote attackers to (1) execute arbitrary code or (2) conduct cross-site scripting attacks via certain parameters (possibly "dict") to the wordtrans.php script. | ||||
| CVE-2004-2352 | 1 Martin Bauer | 1 Gbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $_COOKIE PHP variable, which is not cleansed by PHP-Nuke. | ||||
| CVE-2001-1412 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument. | ||||
| CVE-2001-1426 | 1 Alcatel | 1 Speed Touch Home | 2026-04-16 | N/A |
| Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server running without a password, which allows remote attackers to change firmware versions or the device's configurations. | ||||
| CVE-2004-1667 | 1 Gearbox Software | 1 Halo Combat Evolved | 2026-04-16 | N/A |
| Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response. | ||||