Export limit exceeded: 363806 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363806 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363806 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363806 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1529 | 1 Surfcontrol | 1 Superscout Email Filter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter. | ||||
| CVE-2002-1516 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-0649 | 1 Pixel-apes Group | 1 Safehtml | 2026-04-16 | N/A |
| Pixel-Apes SafeHTML before 1.2.1 allows remote attackers to bypass cross-site scripting (XSS) protection via "hexadecimal HTML entities." | ||||
| CVE-2002-1514 | 1 Borland Software | 1 Interbase | 2026-04-16 | N/A |
| gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file. | ||||
| CVE-2002-0644 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code. | ||||
| CVE-2002-2011 | 1 Jon Howell | 1 Faq-o-matic | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2002-1513 | 1 Compaq | 1 Tcp-ip Services | 2026-04-16 | N/A |
| The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges. | ||||
| CVE-2002-1471 | 1 Ximian | 1 Evolution | 2026-04-16 | N/A |
| The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack. | ||||
| CVE-1999-0496 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. | ||||
| CVE-2001-1306 | 1 Sun | 1 Iplanet Directory Server | 2026-04-16 | N/A |
| iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-1999-0497 | 2026-04-16 | N/A | ||
| Anonymous FTP is enabled. | ||||
| CVE-2002-0047 | 2 Olaf Titz, Redhat | 2 Cipe, Linux | 2026-04-16 | N/A |
| CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service (crash) via a short malformed packet. | ||||
| CVE-2002-0820 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges. | ||||
| CVE-1999-0522 | 2026-04-16 | N/A | ||
| The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate. | ||||
| CVE-2002-0833 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string. | ||||
| CVE-2001-1311 | 1 Ibm | 1 Lotus Domino R5 | 2026-04-16 | N/A |
| Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-1999-0527 | 2026-04-16 | N/A | ||
| The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten. | ||||
| CVE-1999-0546 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The Windows NT guest account is enabled. | ||||
| CVE-2001-0468 | 1 Ftpfs | 1 Ftpfs | 2026-04-16 | N/A |
| Buffer overflow in FTPFS allows local users to gain root privileges via a long user name. | ||||
| CVE-2001-1313 | 1 Ibm | 1 Lotus Domino R5 | 2026-04-16 | N/A |
| Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite. | ||||