Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4638 | 1 Kayako | 1 Supportsuite | 2026-04-16 | N/A |
| index.php in Kayako SupportSuite 3.00.26 and earlier allow remote attackers to obtain the full path via (1) _a and (2) newsid parameters in the news module, (3) downloaditemid parameter in the downloads module, and (4) kbarticleid parameter in the knowledgebase module. | ||||
| CVE-2005-1888 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates. | ||||
| CVE-1999-0568 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| rpc.admind in Solaris is not running in a secure mode. | ||||
| CVE-1999-0571 | 2026-04-16 | N/A | ||
| A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts. | ||||
| CVE-2005-0271 | 1 Photopost | 1 Reviewpost Php Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showcat.php or (2) product parameter to addfav.php. | ||||
| CVE-1999-0638 | 2026-04-16 | N/A | ||
| The daytime service is running. | ||||
| CVE-2005-1117 | 1 All4www | 1 All4www-homepagecreator | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in All4WWW-Homepagecreator 1.0a allows remote attackers to execute arbitrary PHP code by modifying the site parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-2379 | 1 Oracle | 1 Reports | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle Reports 9.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) debug parameter to showenv, (2) test parameter to parsequery, or (3) delimiter or (4) CELLWRAPPER parameter to rwservlet. | ||||
| CVE-2005-2471 | 2 Netpbm, Redhat | 2 Netpbm, Enterprise Linux | 2026-04-16 | N/A |
| pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands. | ||||
| CVE-2005-4646 | 1 Pearlinger | 1 Pearl Forums | 2026-04-16 | N/A |
| Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 allows remote attackers to include arbitrary files via the mode parameter, possibly due to a directory traversal vulnerability. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 7 Linux, Freebsd, Licq and 4 more | 2026-04-16 | N/A |
| licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | ||||
| CVE-1999-0650 | 2026-04-16 | N/A | ||
| The netstat service is running, which provides sensitive information to remote attackers. | ||||
| CVE-1999-0676 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. | ||||
| CVE-2006-3006 | 1 Ifoto | 1 Ifoto | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter. | ||||
| CVE-2005-4167 | 1 Efiction Project | 1 Efiction | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in eFiction 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the let parameter in a viewlist action to titles.php. | ||||
| CVE-1999-0679 | 1 Hybrid Network | 1 Hybrid Ircd | 2026-04-16 | N/A |
| Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via m_invite invite option. | ||||
| CVE-2005-2563 | 1 Gravity Board X Development Team | 1 Gravity Board X | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Gravity Board X (GBX) 1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the board_id parameter to deletethread.php or (2) the template. | ||||
| CVE-1999-0686 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2026-04-16 | N/A |
| Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL. | ||||
| CVE-1999-0687 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2026-04-16 | N/A |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | ||||
| CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | ||||