Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0670 | 1 Pingtel | 1 Xpressa | 2026-04-16 | N/A |
| The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing. | ||||
| CVE-2001-0614 | 1 Carello | 1 E-commerce | 2026-04-16 | N/A |
| Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL. | ||||
| CVE-1999-0845 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| Buffer overflow in SCO su program allows local users to gain root access via a long username. | ||||
| CVE-2005-4824 | 1 Glen Campbell | 1 Siteframe | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in web/classes.php in Siteframe before 3.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the LOCAL_PATH parameter, a different vulnerability than CVE-2005-1965. | ||||
| CVE-2001-0616 | 1 Faust Informatics | 1 Freestyle Chat | 2026-04-16 | N/A |
| Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (e.g., GET /aux HTTP/1.0). | ||||
| CVE-2005-0015 | 1 Crosswire Bible Society | 1 Sword | 2026-04-16 | N/A |
| diatheke.pl in Sword 1.5.7a allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | ||||
| CVE-2002-0111 | 1 Funsoft | 1 Dinos Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL. | ||||
| CVE-2002-0160 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002. | ||||
| CVE-2002-1190 | 1 Cisco | 1 Unity Server | 2026-04-16 | N/A |
| Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls. | ||||
| CVE-2000-0179 | 1 Hp | 1 Openview Omniback Ii | 2026-04-16 | N/A |
| HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555. | ||||
| CVE-2000-0187 | 1 Alex Heiphetz Group | 1 Ezshopper | 2026-04-16 | N/A |
| EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | ||||
| CVE-2005-1780 | 1 Dotnetindex | 1 Active News Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in admin/login.asp in Active News Manager allows remote attackers to execute arbitrary SQL commands via the password. | ||||
| CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2026-04-16 | N/A |
| EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | ||||
| CVE-2001-1160 | 1 Microburst | 1 Udirectory | 2026-04-16 | N/A |
| udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field. | ||||
| CVE-2002-0175 | 1 Avaya | 1 Libsafe | 2026-04-16 | N/A |
| libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. | ||||
| CVE-2000-0191 | 1 Axis | 1 Storpoint Cd | 2026-04-16 | N/A |
| Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack. | ||||
| CVE-2005-0005 | 7 Debian, Gentoo, Graphicsmagick and 4 more | 7 Debian Linux, Linux, Graphicsmagick and 4 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. | ||||
| CVE-2001-1158 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts. | ||||
| CVE-2001-0117 | 4 Immunix, Mandrakesoft, Redhat and 1 more | 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2026-04-16 | N/A |
| sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. | ||||
| CVE-2000-0205 | 1 Trend Micro | 1 Officescan | 2026-04-16 | N/A |
| Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients. | ||||