Export limit exceeded: 365502 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365502 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365502 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1536 | 1 Hans Persson | 1 Molly | 2026-04-16 | N/A |
| Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $host variable for nslookup.pl, (2) the $to, $from, or $message variables in pop.pl, (3) the $words or $text variables in sms.pl, or (4) the $server or $printer variables in hpled.pl. | ||||
| CVE-2005-2572 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll. | ||||
| CVE-2004-0753 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2026-04-16 | N/A |
| The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file. | ||||
| CVE-2004-0747 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2026-04-16 | 7.8 High |
| Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. | ||||
| CVE-2003-1564 | 2 Redhat, Xmlsoft | 2 Enterprise Linux, Libxml2 | 2026-04-16 | 6.5 Medium |
| libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs attack." | ||||
| CVE-2002-1975 | 1 Sharp | 4 Zaurus Sl-5000d, Zaurus Sl-5000d Firmware, Zaurus Sl-5500 and 1 more | 2026-04-16 | 5.5 Medium |
| Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods. | ||||
| CVE-2002-1956 | 1 Rox | 1 Filer | 2026-04-16 | N/A |
| ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files. | ||||
| CVE-2002-1948 | 1 Gringotts | 1 Gringotts | 2026-04-16 | N/A |
| Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via unknown attack vectors. | ||||
| CVE-2002-1939 | 1 Flashfxp | 1 Flashfxp | 2026-04-16 | N/A |
| FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties. | ||||
| CVE-2006-0025 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size. | ||||
| CVE-2005-1290 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u parameter to profile.php, (2) highlight parameter to viewtopic.php, or (3) forumname or forumdesc parameters to admin_forums.php. | ||||
| CVE-2005-1291 | 1 Cartwiz | 1 Asp Cart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) addToCart.asp or (2) productDetails.asp, the (3) priceFrom, (4) idCategory, or (5) priceTo parameter to searchResults.asp, or (6) the idParentCategory parameter to productCatalogSubCats.asp. | ||||
| CVE-2005-1298 | 1 Inserter.cgi | 1 Inserter.cgi | 2026-04-16 | N/A |
| The inserter.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | ||||
| CVE-2005-1318 | 1 Horde | 1 Forwards | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | ||||
| CVE-2005-1324 | 1 Matthieu Aubry | 1 Phpmyvisites | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters. | ||||
| CVE-2005-1325 | 1 Matthieu Aubry | 1 Phpmyvisites | 2026-04-16 | N/A |
| set_lang.php in phpMyVisites 1.3 allows remote attackers to read and include arbitrary files via the mylang parameter. | ||||
| CVE-2005-1349 | 1 Perl | 1 Convert Uulib | 2026-04-16 | N/A |
| Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation. | ||||
| CVE-2005-1353 | 1 Forum.pl | 1 Forum.pl | 2026-04-16 | N/A |
| The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument. | ||||
| CVE-2005-1367 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root. | ||||
| CVE-2005-1369 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function. | ||||