Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0723 1 Microsoft 1 Java Virtual Machine 2026-04-16 N/A
Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java."
CVE-2005-3756 1 Google 2 Mini Search Appliance, Search Appliance 2026-04-16 N/A
Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports.
CVE-2004-0726 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel.
CVE-2004-2308 1 Cpanel 1 Cpanel 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html.
CVE-2004-0729 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows parameter to index.php, (2) faq parameter to faq.php, or (3) ranksrow parameter to profile.php, which reveal the full path in an error message.
CVE-2004-2318 1 Netwin 1 Surgeftp 2026-04-16 N/A
The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter.
CVE-2002-1250 1 Abuse 1 Abuse 2026-04-16 N/A
Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument.
CVE-2004-0736 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message.
CVE-2002-1251 1 Log2mail 1 Log2mail 2026-04-16 N/A
Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message.
CVE-2002-2005 1 Sun 1 Java Web Start 2026-04-16 N/A
Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors.
CVE-2004-2385 1 Emumail 1 Emu Webmail 2026-04-16 N/A
EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu.
CVE-2005-3763 1 Exponent 1 Exponent 2026-04-16 N/A
Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to thumb.php, which allows remote attackers to obtain sensitive information. NOTE: this might be resultant from an absolute path traversal vulnerability.
CVE-2005-3765 1 Exponent 1 Exponent 2026-04-16 N/A
Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote attackers to execute arbitrary code.
CVE-2005-3767 1 Exponent 1 Exponent 2026-04-16 N/A
Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote attackers to upload and execute PHP files.
CVE-2004-2493 1 Hitachi 2 Groupmax World Wide Web, Groupmax World Wide Web Desktop 2026-04-16 N/A
Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.
CVE-2004-2500 1 Ilohamail 1 Ilohamail 2026-04-16 N/A
Unknown vulnerability in IlohaMail before 0.8.14-rc1 has unknown impact and attack vectors.
CVE-2005-3521 1 E107 1 E107 2026-04-16 N/A
SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page.
CVE-2005-3846 1 Fscripts 1 Fantastic News 2026-04-16 N/A
SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2004-2501 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.
CVE-2005-2681 1 Cisco 1 Ips Sensor Software 2026-04-16 N/A
Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors.