Export limit exceeded: 29913 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29913 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1195 | 1 Gabriele Bartolini | 1 Ht Check | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page. | ||||
| CVE-2004-2008 | 1 Adam Webb | 1 Nukejokes | 2026-04-16 | N/A |
| SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter. | ||||
| CVE-2002-1867 | 1 Bizdesign | 1 Imagefolio | 2026-04-16 | N/A |
| The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, which allows remote attackers to create an administrative account, or (2) admin/nph-build.cgi, which allows remote attackers to cause a denial of service (CPU consumption). | ||||
| CVE-2002-1198 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack. | ||||
| CVE-2005-2550 | 2 Gnome, Redhat | 2 Evolution, Enterprise Linux | 2026-04-16 | N/A |
| Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab. | ||||
| CVE-2002-1221 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2026-04-16 | N/A |
| BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | ||||
| CVE-2002-0445 | 1 Php Firstpost | 1 Php Firstpost | 2026-04-16 | N/A |
| article.php in PHP FirstPost 0.1 allows allows remote attackers to obtain the full pathname of the server via an invalid post number in the post parameter, which leaks the pathname in an error message. | ||||
| CVE-2002-0454 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | N/A |
| Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop. | ||||
| CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2026-04-16 | N/A |
| IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | ||||
| CVE-2002-0458 | 1 Linux-sottises | 1 News-tnk | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | ||||
| CVE-2002-0461 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop. | ||||
| CVE-2005-2805 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| forum_post.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number. | ||||
| CVE-2005-0016 | 1 Gatos | 1 Gatos | 2026-04-16 | N/A |
| Buffer overflow in the exported_display function in xatitv in gatos before 0.0.5 allows local users to execute arbitrary code. | ||||
| CVE-2002-0472 | 1 Microsoft | 1 Msn Messenger | 2026-04-16 | N/A |
| MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows remote attackers to spoof messages from other users. | ||||
| CVE-2002-0473 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter. | ||||
| CVE-2005-0022 | 2 Redhat, University Of Cambridge | 2 Enterprise Linux, Exim | 2026-04-16 | N/A |
| Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication. | ||||
| CVE-2005-0036 | 2 Delegate, Etl | 2 Delegate, Delegate | 2026-04-16 | N/A |
| The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. | ||||
| CVE-2005-0044 | 1 Microsoft | 7 Exchange Server, Windows 2000, Windows 2003 Server and 4 more | 2026-04-16 | N/A |
| The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." | ||||
| CVE-2005-2816 | 1 Greymatter | 1 Greymatter Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Greymatter allows remote attackers to inject arbitrary web script or HTML via a post comment, which is recorded in a log file but not properly handled when the administrator uses "View Control Panel Log" to read the log file. | ||||
| CVE-2005-2817 | 1 Simple Machines | 1 Simple Machines Forum | 2026-04-16 | N/A |
| Simple Machines Forum (SMF) 1-0-5 and earlier supports the use of URLs for avatar images, which allows remote attackers to monitor sensitive information of forum visitors such as IP address and user agent, as demonstrated using a PHP script on a malicious server. | ||||