Export limit exceeded: 362238 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362238 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362238 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2266 1 Netscreen 1 Screenos 2026-04-16 N/A
NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attackers to cause a denial of service (firewall session table consumption) by establishing multiple half-open H.323 sessions, which are not cleaned up on garbage removal and do not time out for 36 hours.
CVE-2004-1986 2 Coppermine, Francisco Burzi 2 Coppermine Photo Gallery, Php-nuke 2026-04-16 N/A
Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.
CVE-2005-2731 1 Astaro 1 Security Linux 2026-04-16 N/A
Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.
CVE-2002-2267 1 Bogofilter 1 Bogopass Email Filter 2026-04-16 N/A
bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack on the bogopass temporary file.
CVE-2002-2268 1 Netdave 1 Webster Http Server 2026-04-16 N/A
Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.
CVE-2004-1998 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.
CVE-2005-2735 1 Phpgraphy 1 Phpgraphy 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
CVE-2002-2277 1 Portail Web Php 1 Portail Web Php 2026-04-16 N/A
SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables.
CVE-2002-2288 1 Mambo 1 Site Server 2026-04-16 N/A
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
CVE-2002-2289 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords.
CVE-2005-0255 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.
CVE-2002-0471 1 Phpnettoolpack 1 Phpnettoolpack 2026-04-16 N/A
PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable.
CVE-2002-2290 1 Mambo 1 Mambo Site Server 2026-04-16 N/A
Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote attackers to gain privileges.
CVE-2005-0256 1 Washington University 1 Wu-ftpd 2026-04-16 N/A
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
CVE-2002-2294 1 Symantec 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more 2026-04-16 N/A
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
CVE-2002-2296 1 Yabb 1 Yabb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 allows remote attackers to inject arbitrary web script or HTML via the num parameter.
CVE-2002-2301 1 Lawson Software 1 Lawson Financials 2026-04-16 N/A
Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database.
CVE-2002-2307 1 Pyramid 1 Benhur Software Update 2026-04-16 N/A
The default configuration of BenHur Firewall release 3 update 066 fix 2 allows remote attackers to access arbitrary services by connecting from source port 20.
CVE-2002-2309 1 Php 1 Php 2026-04-16 N/A
php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
CVE-2002-2317 1 Symantec 1 Velociraptor 2026-04-16 N/A
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.