Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0944 | 1 Khaled Mardam-bey | 1 Mirc | 2026-04-16 | N/A |
| DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process. | ||||
| CVE-2005-1837 | 1 Fortinet | 1 Fortinet Firewall | 2026-04-16 | N/A |
| Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges. | ||||
| CVE-2005-4026 | 1 Geeklog | 1 Geeklog | 2026-04-16 | N/A |
| search.php in Geeklog 1.4.x before 1.4.0rc1, and 1.3.x before 1.3.11sr3, allows remote attackers to obtain sensitive information via invalid (1) datestart and (2) dateend parameters, which leaks the web server path in an error message. | ||||
| CVE-2001-0953 | 1 Nara Vision | 1 Kebi Community | 2026-04-16 | N/A |
| Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root. | ||||
| CVE-2005-4141 | 1 Aspmforum | 1 Aspmforum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ASPMForum allow remote attackers to execute arbitrary SQL commands via the (1) harf parameter in kullanicilistesi.asp and (2) baslik parameter in forum.asp. | ||||
| CVE-2005-4030 | 1 Quicksilver Forums | 1 Quicksilver Forums | 2026-04-16 | N/A |
| SQL injection vulnerability in Quicksilver Forums before 1.5.1 allows remote attackers to execute arbitrary SQL commands via the HTTP_USER_AGENT header. | ||||
| CVE-2005-1869 | 1 Appindex | 1 Mwchat | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIG[MWCHAT_Libs] parameter. | ||||
| CVE-2001-1023 | 1 Xcache Technologies | 1 Xcache | 2026-04-16 | N/A |
| Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header. | ||||
| CVE-2004-1477 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session. | ||||
| CVE-2005-4033 | 1 Ali Bousahid | 1 Nodezilla | 2026-04-16 | N/A |
| Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2004-1478 | 2 Hitachi, Macromedia | 4 Cosminexus Enterprise, Cosminexus Server, Coldfusion and 1 more | 2026-04-16 | N/A |
| JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session. | ||||
| CVE-2005-4039 | 1 Web4future | 1 Portal Solutions | 2026-04-16 | N/A |
| Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter. | ||||
| CVE-2001-1040 | 1 Hp | 1 Jetadmin | 2026-04-16 | N/A |
| HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password. | ||||
| CVE-2001-1048 | 1 Topher1kenobe | 1 Awol | 2026-04-16 | N/A |
| AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2001-1051 | 1 Dark Hart Portal | 1 Darkportal-unix | 2026-04-16 | N/A |
| Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2005-4042 | 1 Mr. Cgi Guy | 1 Warm Links | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to search.cgi. | ||||
| CVE-2001-1059 | 1 Vmware | 1 Workstation | 2026-04-16 | N/A |
| VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information. | ||||
| CVE-2001-1063 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument. | ||||
| CVE-2005-4051 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| e107 0.6174 allows remote attackers to vote multiple times for a download via repeated requests to rate.php. | ||||
| CVE-2005-4053 | 1 Cowiki | 1 Cowiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in coWiki 0.3.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter, as demonstrated using 26.html. | ||||