Export limit exceeded: 363759 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363759 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0245 2 Apache, Redhat 2 Http Server, Linux 2026-04-16 N/A
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
CVE-2005-0494 1 Thomson 1 Thomson Cable Modem 2026-04-16 N/A
The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.
CVE-2005-2559 1 E107 1 E107 2026-04-16 N/A
doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&" in the eping_host parameter, which is not handled by the validation function.
CVE-2003-0252 2 Linux-nfs, Redhat 3 Nfs-utils, Enterprise Linux, Linux 2026-04-16 9.8 Critical
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
CVE-2005-0501 1 Digipen Institute Of Technology 1 Bontago 2026-04-16 N/A
Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a long nickname.
CVE-2006-3514 1 Phpblogger 1 Php-blogger 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in admin/actions.php in PHP-Blogger 2.2.5, and possibly earlier versions, allow remote attackers to execute arbitrary web script or HTML via the (1) name, (2) title, (3) news, (4) description, and (5) sitename parameters.
CVE-2003-0261 1 Fuzz 1 Fuzz 2026-04-16 N/A
fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges.
CVE-2006-3516 1 Freehost 1 Freehost 2026-04-16 N/A
Multiple SQL injection vulnerabilities in FreeHost allow remote attackers to execute arbitrary SQL commands via (1) readme parameter to FreeHost/misc.php or (2) index parameter to FreeHost/news.php.
CVE-2003-0267 1 Bvrp Software 1 Slwebmail 2026-04-16 N/A
ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file.
CVE-2003-0269 1 Youbin 1 Youbin 2026-04-16 N/A
Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable.
CVE-2005-0510 1 Fallback-reboot 1 Fallback-reboot 2026-04-16 N/A
The daemon for fallback-reboot before 0.995 allows attackers to cause a denial of service (daemon exit), possibly related to verbose debug messages when the daemon is not on a tty.
CVE-2006-3517 1 Rwscripts.com 1 Rw Download 2026-04-16 N/A
PHP remote file inclusion vulnerability in stats.php in RW::Download, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter.
CVE-2003-0293 1 Palm 1 Palmos 2026-04-16 N/A
PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets.
CVE-2003-0310 1 Ez 1 Ez Publish 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script.
CVE-2003-0331 1 Ttcms 1 Ttforum 2026-04-16 N/A
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page.
CVE-2006-3349 1 Sms Script 1 Sms Script 2026-04-16 N/A
Multiple SQL injection vulnerabilities in SmS Script allow remote attackers to execute arbitrary SQL commands via the CatID parameter in (1) cat.php and (2) add.php.
CVE-2006-3348 1 Swsoft 1 Hspcomplete 2026-04-16 N/A
Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in report.php and (2) level parameter in custom_buttons.php.
CVE-2006-3342 1 Olate 1 Arctic 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search cmd.
CVE-2002-2181 1 Sonicwall 1 Content Filtering 2026-04-16 N/A
SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name.
CVE-2002-2179 1 Unisys 1 Clearpath Mcp 2026-04-16 N/A
The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap.