Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1195 | 2 Mplayer, Xine | 2 Mplayer, Xine-lib | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code. | ||||
| CVE-2005-1351 | 1 Leif M. Wright | 1 Ad.cgi | 2026-04-16 | N/A |
| The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-2002-1625 | 1 Macromedia | 1 Flash Player | 2026-04-16 | N/A |
| Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (2) loadSound commands, which continue to execute until the browser is closed. | ||||
| CVE-2000-0886 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability. | ||||
| CVE-2000-0989 | 1 Intel | 1 Inbusiness Email Station | 2026-04-16 | N/A |
| Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service allows remote attackers to cause a denial of service and possibly execute commands via a long username. | ||||
| CVE-2005-1354 | 1 Forum.pl | 1 Forum.pl | 2026-04-16 | N/A |
| The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-2005-1356 | 1 Includer.cgi | 1 Includer.cgi | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument. | ||||
| CVE-2002-0977 | 1 Microsoft | 1 File Transfer Manager | 2026-04-16 | N/A |
| Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value. | ||||
| CVE-2005-1359 | 1 Text.cgi | 1 Text.cgi | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in text.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. | ||||
| CVE-2002-1000 | 1 Analogx | 1 Simpleserver Shout | 2026-04-16 | N/A |
| Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long request to TCP port 8001. | ||||
| CVE-2005-1363 | 1 Metalinks | 1 Metacart2 | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp. | ||||
| CVE-2005-1391 | 1 Apsis | 1 Pound | 2026-04-16 | N/A |
| Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header. | ||||
| CVE-2005-3695 | 1 Litespeed Technologies | 1 Litespeed Web Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the m parameter. | ||||
| CVE-2005-3261 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2026-04-16 | N/A |
| getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request. | ||||
| CVE-2002-1022 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges. | ||||
| CVE-2005-1448 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-3262 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename. | ||||
| CVE-2005-3696 | 1 Arki-db | 1 Arki-db | 2026-04-16 | N/A |
| SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php. | ||||
| CVE-2004-0277 | 1 Bolintech | 1 Dream Ftp Server | 2026-04-16 | N/A |
| Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username. | ||||
| CVE-2005-1602 | 1 Net56 | 1 File Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in login.asp for Net56 Browser Based File Manager 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field. | ||||