Export limit exceeded: 365488 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365488 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1462 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-1467 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors. | ||||
| CVE-1999-1068 | 1 Oracle | 1 Http Server | 2026-04-16 | N/A |
| Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request. | ||||
| CVE-2005-1475 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect. | ||||
| CVE-1999-1397 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed. | ||||
| CVE-1999-1486 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-1486 | 1 Fishnet | 1 Fishcart | 2026-04-16 | N/A |
| Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) trackingnum, (2) reqagree, or (3) m parameter to upstracking.php or (4) nlst parameter to display.php. NOTE: the vendor was not able to reproduce some of the reported vectors but believes that they have been addressed. The original researcher is known to be unreliable. | ||||
| CVE-1999-1537 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL. | ||||
| CVE-2000-0121 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability. | ||||
| CVE-2005-1496 | 1 Oracle | 2 Application Server, Oracle10g | 2026-04-16 | N/A |
| The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user. | ||||
| CVE-2005-1497 | 1 Mywebland | 1 Mybloggie | 2026-04-16 | N/A |
| index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message. | ||||
| CVE-2005-1502 | 1 Midicart Software | 1 Midicart Php Shopping Cart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the (1) searchstring parameter to search_list.php or the (2) secondgroup or (3) maingroup parameters to item_list.php. | ||||
| CVE-2000-0359 | 1 Acme Labs | 1 Thttpd | 2026-04-16 | N/A |
| Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header. | ||||
| CVE-2000-0632 | 1 Lsoft | 1 Listserv | 2026-04-16 | N/A |
| Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via a long query string. | ||||
| CVE-2000-0773 | 1 Bajie | 1 Java Http Server | 2026-04-16 | N/A |
| Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack. | ||||
| CVE-2005-1506 | 1 Cj | 1 Ultra Plus | 2026-04-16 | N/A |
| SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter. | ||||
| CVE-2005-1512 | 1 Pwsphp | 1 Pwsphp | 2026-04-16 | N/A |
| The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote attackers to upload and possibly execute arbitrary files. | ||||
| CVE-2005-1515 | 1 Dan Bernstein | 1 Qmail | 2026-04-16 | N/A |
| Integer signedness error in the qmail_put and substdio_put functions in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of SMTP RCPT TO commands. | ||||
| CVE-2001-0902 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters. | ||||
| CVE-2005-1522 | 1 Gnu | 1 Mailutils | 2026-04-16 | N/A |
| The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command. | ||||