Export limit exceeded: 363124 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363124 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1278 1 Infopop 1 Opentopic 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
CVE-2004-0946 2 Nfs, Redhat 3 Nfs-utils, Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.
CVE-2004-0947 4 Arj Software Inc., Gentoo, Redhat and 1 more 4 Unarj, Linux, Enterprise Linux and 1 more 2026-04-16 N/A
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
CVE-2003-1284 1 Sambar 1 Sambar Server 2026-04-16 N/A
Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe.
CVE-2004-0953 1 Jabber Software Foundation 1 Jabber Server 2026-04-16 N/A
Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long username.
CVE-2005-1450 1 S9y 1 Serendipity 2026-04-16 N/A
Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact.
CVE-2004-0956 3 Oracle, Suse, Ubuntu 3 Mysql, Suse Linux, Ubuntu Linux 2026-04-16 N/A
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
CVE-2004-2185 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.
CVE-2005-1451 1 S9y 1 Serendipity 2026-04-16 N/A
The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files.
CVE-2005-2416 1 Astalavista It Engineering 1 Contrexx 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog aggregation module.
CVE-2005-2879 1 Advansysperu Software 1 Usb Lock Auto-protect 2026-04-16 N/A
Advansysperu Software USB Lock Auto-Protect (AP) 1.5 uses a weak encryption scheme to encrypt passwords, which allows local users to gain sensitive information and bypass USB interface protection.
CVE-2004-0963 1 Microsoft 1 Word 2026-04-16 N/A
Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.
CVE-2005-1458 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors.
CVE-2004-0968 2 Gnu, Redhat 3 Glibc, Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
CVE-2005-1460 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.
CVE-2003-1293 1 Nukedweb 1 Guestbookhost 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook.
CVE-2004-0971 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2005-1463 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
CVE-2004-0972 3 Gentoo, Lvm, Redhat 3 Linux, Logical Volume Management Utilities, Enterprise Linux 2026-04-16 N/A
The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2005-2421 1 Beehive Forum 1 Beehive Forum 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php and other pages in Beehive Forum allow remote attackers to execute arbitrary SQL commands via the webtag parameter.