Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3008 1 Amar Sagoo 1 Tofu 2026-04-16 N/A
Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes.
CVE-2002-0621 1 Microsoft 1 Commerce Server 2026-04-16 N/A
Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer.
CVE-2002-1928 1 Software602 1 602pro Lan Suite 2026-04-16 N/A
602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or ".bak" extension.
CVE-2005-3648 1 Moodle 1 Moodle 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php.
CVE-2005-0521 1 Sendlink 1 Sendlink 2026-04-16 N/A
SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privileges.
CVE-2005-3010 1 Cutephp 1 Cutenews 2026-04-16 N/A
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php.
CVE-2005-0526 1 Pblang 1 Pblang 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 allow remote attackers to inject arbitrary web script or HTML via (1) the search string to search.php, (2) the subject of a PM, which is processed by pm.php, or (3) the body of a PM, which is processed by pmpshow.php.
CVE-2005-3018 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.
CVE-2002-1262 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files.
CVE-2002-1442 1 Google 1 Toolbar 2026-04-16 N/A
The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin verification check.
CVE-2005-0573 1 Rob Flynn 1 Gaim 2026-04-16 N/A
Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters.
CVE-2002-1351 1 Melange 1 Melange Chat System 2026-04-16 N/A
Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service (chat server crash) and possibly execute arbitrary code via the msgText buffer in the chat_InterpretData function, as demonstrated via a long Nick (nickname) request.
CVE-2002-1448 1 Avaya 3 Cajun M770-atm, Cajun P130, Cajun P330 2026-04-16 N/A
An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges.
CVE-2002-1449 1 Frederic Tyndiuk 1 Eupload 2026-04-16 N/A
eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt.
CVE-2002-1369 3 Apple, Easy Software Products, Redhat 3 Mac Os X, Cups, Linux 2026-04-16 N/A
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2002-1450 1 Ibm 1 U2 Universe 2026-04-16 N/A
IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow.
CVE-2006-4642 1 Auditwizard 1 Auditwizard 2026-04-16 N/A
AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.
CVE-2002-1955 1 Iomega 1 Nas 2026-04-16 N/A
Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack.
CVE-2005-0595 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a long mfcisapicommand parameter.
CVE-2006-4593 1 Softbb 1 Softbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.