Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0055 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell. | ||||
| CVE-2006-0066 | 1 Phpjournaler | 1 Phpjournaler | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in PHPjournaler 1.0 allows remote attackers to execute arbitrary SQL commands via the readold parameter. | ||||
| CVE-2004-1708 | 1 Shawn Webb | 1 Webbsyte Chat | 2026-04-16 | N/A |
| Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections. | ||||
| CVE-2006-1001 | 1 Lansuite | 1 Lanparty Intranet System | 2026-04-16 | N/A |
| SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter. | ||||
| CVE-2004-1725 | 1 John Bradley | 1 Xv | 2026-04-16 | N/A |
| Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image file. | ||||
| CVE-2003-0648 | 2 Debian, Fte | 2 Debian Linux, Fte Text Editor | 2026-04-16 | N/A |
| Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. | ||||
| CVE-2002-1889 | 1 Logsurfer | 1 Logsurfer | 2026-04-16 | N/A |
| Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5a allows remote attackers to cause a denial of service (crash) via a malformed log entry. | ||||
| CVE-2002-1939 | 1 Flashfxp | 1 Flashfxp | 2026-04-16 | N/A |
| FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties. | ||||
| CVE-2002-1948 | 1 Gringotts | 1 Gringotts | 2026-04-16 | N/A |
| Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via unknown attack vectors. | ||||
| CVE-2002-1956 | 1 Rox | 1 Filer | 2026-04-16 | N/A |
| ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files. | ||||
| CVE-2005-2572 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll. | ||||
| CVE-2002-1536 | 1 Hans Persson | 1 Molly | 2026-04-16 | N/A |
| Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $host variable for nslookup.pl, (2) the $to, $from, or $message variables in pop.pl, (3) the $words or $text variables in sms.pl, or (4) the $server or $printer variables in hpled.pl. | ||||
| CVE-2004-1764 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. | ||||
| CVE-2006-1564 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory. | ||||
| CVE-2001-1419 | 2 Aol, Cerulean Studios | 2 Instant Messenger, Trillian | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments. | ||||
| CVE-2006-1582 | 1 Blanknberg | 1 Blanknberg | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to inject arbitrary web script or HTML via the _path parameter. NOTE: this might be resultant from the directory traversal issue. | ||||
| CVE-2006-3259 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment). | ||||
| CVE-2005-4548 | 1 Rws | 1 Statistics Counter | 2026-04-16 | N/A |
| SQL injection vulnerability in the "user area" in RWS Statistics Counter before 2.4.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-0621 | 1 Zaireweb Solutions | 1 Newsletter Zws | 2026-04-16 | N/A |
| admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords. | ||||
| CVE-2005-4047 | 1 Iisworks | 1 Aspknowledgebase | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter. | ||||