Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0723 | 1 Microsoft | 1 Java Virtual Machine | 2026-04-16 | N/A |
| Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." | ||||
| CVE-2005-3756 | 1 Google | 2 Mini Search Appliance, Search Appliance | 2026-04-16 | N/A |
| Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports. | ||||
| CVE-2004-0726 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel. | ||||
| CVE-2004-2308 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html. | ||||
| CVE-2004-0729 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows parameter to index.php, (2) faq parameter to faq.php, or (3) ranksrow parameter to profile.php, which reveal the full path in an error message. | ||||
| CVE-2004-2318 | 1 Netwin | 1 Surgeftp | 2026-04-16 | N/A |
| The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter. | ||||
| CVE-2002-1250 | 1 Abuse | 1 Abuse | 2026-04-16 | N/A |
| Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument. | ||||
| CVE-2004-0736 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message. | ||||
| CVE-2002-1251 | 1 Log2mail | 1 Log2mail | 2026-04-16 | N/A |
| Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message. | ||||
| CVE-2002-2005 | 1 Sun | 1 Java Web Start | 2026-04-16 | N/A |
| Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors. | ||||
| CVE-2004-2385 | 1 Emumail | 1 Emu Webmail | 2026-04-16 | N/A |
| EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | ||||
| CVE-2005-3763 | 1 Exponent | 1 Exponent | 2026-04-16 | N/A |
| Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to thumb.php, which allows remote attackers to obtain sensitive information. NOTE: this might be resultant from an absolute path traversal vulnerability. | ||||
| CVE-2005-3765 | 1 Exponent | 1 Exponent | 2026-04-16 | N/A |
| Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-3767 | 1 Exponent | 1 Exponent | 2026-04-16 | N/A |
| Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote attackers to upload and execute PHP files. | ||||
| CVE-2004-2493 | 1 Hitachi | 2 Groupmax World Wide Web, Groupmax World Wide Web Desktop | 2026-04-16 | N/A |
| Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter. | ||||
| CVE-2004-2500 | 1 Ilohamail | 1 Ilohamail | 2026-04-16 | N/A |
| Unknown vulnerability in IlohaMail before 0.8.14-rc1 has unknown impact and attack vectors. | ||||
| CVE-2005-3521 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page. | ||||
| CVE-2005-3846 | 1 Fscripts | 1 Fantastic News | 2026-04-16 | N/A |
| SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2004-2501 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection. | ||||
| CVE-2005-2681 | 1 Cisco | 1 Ips Sensor Software | 2026-04-16 | N/A |
| Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors. | ||||