Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4648 | 1 Bingo News | 1 Bingo News | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter. | ||||
| CVE-2002-0295 | 1 Alcatel-lucent | 1 Omnipcx | 2026-04-16 | N/A |
| Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges. | ||||
| CVE-2002-0296 | 1 Tarantella | 1 Tarantella Enterprise | 2026-04-16 | N/A |
| The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file. | ||||
| CVE-2005-3811 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in admin/main.php in AMAX Magic Winmail Server 4.2 (build 0824) and earlier allows remote attackers to overwrite arbitrary files with session information via the sid parameter. | ||||
| CVE-2003-0262 | 1 Leksbot | 1 Leksbot | 2026-04-16 | N/A |
| leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have. | ||||
| CVE-2005-3461 | 1 Oracle | 1 Peoplesoft Enterprise | 2026-04-16 | N/A |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.42 up to 8.45.17 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE01. | ||||
| CVE-2005-3540 | 1 Petris | 1 Petris | 2026-04-16 | N/A |
| Buffer overflow in petris before 1.0.1 allows remote attackers to execute arbitrary code via unspecified attack vectors. | ||||
| CVE-2006-4617 | 1 Vtiger | 1 Vtiger Crm | 2026-04-16 | N/A |
| Unrestricted file upload vulnerability in fileupload.html in vtiger CRM 4.2.4, and possibly earlier versions, allows remote attackers to upload and execute arbitrary files with executable extensions in the /cashe/mails folder. | ||||
| CVE-2005-0942 | 1 Sybase | 1 Adaptive Server Enterprise | 2026-04-16 | N/A |
| The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 12.5.3 ESD#1 allows attackers to cause a denial of service (process crash) via malformed data sent to the XP Server TCP port. | ||||
| CVE-2005-3546 | 1 F-secure | 2 F-secure Anti-virus, Internet Gatekeeper | 2026-04-16 | N/A |
| suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege. | ||||
| CVE-2006-0691 | 1 Scheduling Management.com | 1 Time Tracking Software | 2026-04-16 | N/A |
| edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account. | ||||
| CVE-2006-0735 | 2 Fuzzymonkey, M Blom | 2 My Blog, Html-bbcode | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode tag. | ||||
| CVE-2002-1456 | 1 Khaled Mardam-bey | 1 Mirc | 2026-04-16 | N/A |
| Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value. | ||||
| CVE-2002-1457 | 1 Leszek Krupinski | 1 L-forum | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter. | ||||
| CVE-2002-0807 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi. | ||||
| CVE-2005-1053 | 1 Moderngigabyte | 1 Modernbill | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in orderwiz.php in ModernBill 4.3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) c_code or (2) aid parameters. | ||||
| CVE-2005-1058 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations. | ||||
| CVE-2003-0494 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-16 | N/A |
| password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id. | ||||
| CVE-2005-1059 | 1 Linksys | 1 Wet11 | 2026-04-16 | N/A |
| Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original password via the data parameter to changepw.html. | ||||
| CVE-2005-1060 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets. | ||||