Export limit exceeded: 363759 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363759 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1481 1 Phpgb 1 Phpgb 2026-04-16 N/A
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
CVE-2002-1552 1 Novell 1 Edirectory 2026-04-16 N/A
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.
CVE-2005-0676 1 Phpoutsourcing 1 Zorum 2026-04-16 N/A
index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability.
CVE-2005-0679 1 Stadtaus 1 Tell A Friend Script 2026-04-16 N/A
PHP remote file inclusion vulnerability in tell_a_friend.inc.php for Tell A Friend Script 2.7 before 20050305 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. NOTE: it was later reported that 2.4 is also affected.
CVE-2002-0651 2 Isc, Redhat 3 Bind, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
CVE-2002-0655 4 Apple, Openssl, Oracle and 1 more 8 Mac Os X, Openssl, Application Server and 5 more 2026-04-16 N/A
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2002-1482 1 Phpgb 1 Phpgb 2026-04-16 N/A
SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry.
CVE-2005-0680 1 Stadtaus 1 Download Center Lite 2026-04-16 N/A
PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code.
CVE-2002-1483 1 Db4web 1 Db4web 2026-04-16 N/A
db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot).
CVE-2005-0684 1 Mysql 1 Maxdb 2026-04-16 N/A
Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
CVE-2002-2015 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.
CVE-2002-0656 4 Apple, Openssl, Oracle and 1 more 8 Mac Os X, Openssl, Application Server and 5 more 2026-04-16 N/A
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
CVE-2005-4419 1 Quicksquare Development 2 Honeycomb Archive, Honeycomb Archive Enterprise 2026-04-16 N/A
Multiple SQL injection vulnerabilities in CategoryResults.cfm in Honeycomb Archive and Honeycomb Archive Enterprise 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) series, (2) cat_parent, (3) cat, and (4) div parameters.
CVE-2005-0686 1 Mlterm 1 Mlterm 2026-04-16 N/A
Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image file that is used as a background.
CVE-2005-3059 3 Linux, Microsoft, Opera 3 Linux Kernel, Windows, Opera Browser 2026-04-16 N/A
Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) " handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding."
CVE-2002-1571 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.
CVE-2005-0687 1 Hashcash 1 Hashcash 2026-04-16 N/A
Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header.
CVE-2005-3062 1 Alstrasoft 1 E-friends 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in AlstraSoft E-Friends 4.0 allows remote attackers to execute arbitrary PHP code via the mode parameter.
CVE-2005-0691 1 Socialmpn 1 Socialmpn 2026-04-16 N/A
PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code.
CVE-2002-1281 2 Kde, Redhat 2 Kde, Linux 2026-04-16 N/A
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.