Export limit exceeded: 363668 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363668 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0877 | 1 Thekelleys | 1 Dnsmasq | 2026-04-16 | 7.5 High |
| Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq. | ||||
| CVE-2002-0687 | 2 Redhat, Zope | 2 Powertools, Zope | 2026-04-16 | N/A |
| The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers. | ||||
| CVE-2002-0213 | 2 Sgi, Xinet | 2 Irix, K-ashare | 2026-04-16 | N/A |
| xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory. | ||||
| CVE-2005-3142 | 1 Kaspersky Lab | 4 Kaspersky Anti-virus, Kaspersky Anti-virus Personal, Kaspersky Anti-virus Personal Pro and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header. | ||||
| CVE-2005-0871 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when running on a Microsoft IIS server, allows remote attackers to obtain sensitive information via invalid parameters, which reveal the path in an error message. | ||||
| CVE-2003-0065 | 1 National University Of Singapore | 1 Uxterm | 2026-04-16 | N/A |
| The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2005-0870 | 1 Phpsysinfo | 1 Phpsysinfo | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php, (2) text[language], (3) text[template], or (4) hide_picklist parameter to system_footer.php. | ||||
| CVE-2006-0712 | 1 Squishdot | 1 Squishdot | 2026-04-16 | N/A |
| mail_html template in Squishdot 1.5.0 and earlier does not properly validate the (1) email and (2) title variables, which allows remote attackers to bypass spam filters by injecting SMTP headers, probably due to a CRLF injection vulnerability. | ||||
| CVE-2002-0048 | 2 Andrew Tridgell, Redhat | 2 Rsync, Linux | 2026-04-16 | N/A |
| Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server. | ||||
| CVE-2006-4608 | 1 Longino | 1 Jacome Php-revista | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php. | ||||
| CVE-2002-0049 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys. | ||||
| CVE-2005-0752 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag. | ||||
| CVE-2005-3107 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state. | ||||
| CVE-2002-2093 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin. | ||||
| CVE-2005-0764 | 1 Marc Lehmann | 1 Rxvt-unicode | 2026-04-16 | N/A |
| Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences. | ||||
| CVE-2002-1507 | 1 Epic Games | 1 Unreal Tournament Server | 2026-04-16 | N/A |
| Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of service via malformed messages containing a small number of characters to UDP ports 7778 or 10777. | ||||
| CVE-2002-2067 | 1 East-tec | 1 Eraser | 2026-04-16 | 7.5 High |
| East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
| CVE-2002-2177 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and Express 6.1 through 7.0.0.1 buffers HTTP requests in a way that can cause BEA to send the same response for two different HTTP requests, which could allow remote attackers to obtain sensitive information that was intended for other users. | ||||
| CVE-2005-0770 | 1 Datarescue | 1 Ida Pro | 2026-04-16 | N/A |
| Format string vulnerability in DataRescue Interactive Disassembler and Debugger (IDA) Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service (CPU consumption or application crash) and possibly execute arbitrary code via format string specifiers in a dynamic link library (DLL) name. | ||||
| CVE-2006-2885 | 1 Knowledgetree | 1 Knowledgetree | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree Open Source 3.0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) fDocumentId parameter in view.php and the (2) fSearchableText parameter in /search/simpleSearch.php. | ||||