Export limit exceeded: 359219 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0281 | 1 Jowood Productions | 1 Soldner Secret Wars | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface in Soldner Secret Wars 30830 allows remote attackers to inject arbitrary web script or HTML via a user message, which is not filtered or quoted when the administrator views the server logs. | ||||
| CVE-2005-0284 | 1 Woltlab | 1 Burning Book | 2026-04-16 | N/A |
| SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter. | ||||
| CVE-2002-0546 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file. | ||||
| CVE-2005-0287 | 1 Bottomline | 1 Webseries Payment Application | 2026-04-16 | N/A |
| Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the network via a report template with modified ReportPath or ReportName values. | ||||
| CVE-2005-0289 | 1 Apple | 2 Airport Express, Airport Extreme | 2026-04-16 | N/A |
| Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP port 161 and before link-state change occurs. | ||||
| CVE-2005-0290 | 1 Netgear | 1 Fvs318 | 2026-04-16 | N/A |
| NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension. | ||||
| CVE-2002-0568 | 1 Oracle | 3 Application Server, Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory. | ||||
| CVE-2002-0588 | 1 Steve Korbett | 1 Pvote | 2026-04-16 | N/A |
| PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php. | ||||
| CVE-2002-2392 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code. | ||||
| CVE-2002-0608 | 1 Matu | 1 Matu Ftp | 2026-04-16 | N/A |
| Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner. | ||||
| CVE-2005-0292 | 1 Php Gift Registry | 1 Phpgiftreg | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the (1) messageid, (2) shopper, (3) shopfor, or (4) itemid parameters. | ||||
| CVE-2005-0293 | 1 Minis | 1 Minis | 2026-04-16 | N/A |
| Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the month parameter. | ||||
| CVE-2005-0295 | 1 Inca | 1 Nprotect Gameguard | 2026-04-16 | N/A |
| npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any process that calls it, which allows local users to gain privileges. | ||||
| CVE-2003-0012 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. | ||||
| CVE-2002-2408 | 1 Gordano | 1 Ntmail | 2026-04-16 | N/A |
| Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server. | ||||
| CVE-2003-0014 | 1 Bmv | 1 Bmv | 2026-04-16 | N/A |
| gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0016 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. | ||||
| CVE-2002-2414 | 2 Opera Software, Squid | 2 Opera, Squid | 2026-04-16 | N/A |
| Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2003-0018 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption. | ||||
| CVE-2005-0296 | 1 Novell | 2 Groupwise, Groupwise Webaccess | 2026-04-16 | N/A |
| NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue | ||||