Export limit exceeded: 364840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2704 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, which allows remote attackers to read sensitive vulnerability information.
CVE-2003-1198 1 Cherokee 1 Cherokee Httpd 2026-04-16 N/A
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field.
CVE-2002-1244 1 Pablo Software Solutions 1 Pablo Ftp Server 2026-04-16 N/A
Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command.
CVE-2003-1204 1 Mambo 1 Mambo Site Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php.
CVE-2002-1245 1 Frank Mcingvale 1 Luxman 2026-04-16 N/A
Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program.
CVE-2006-2705 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of service via a large number of forged client registration messages.
CVE-2002-1247 3 Kde, Lisa, Redhat 5 Kde, Klisa, Lisa and 2 more 2026-04-16 N/A
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
CVE-2003-1213 1 Maxwebportal 1 Maxwebportal 2026-04-16 N/A
The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.
CVE-2002-1248 1 Northern Solutions 1 Xeneo Web Server 2026-04-16 N/A
Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remote attackers to cause a denial of service (crash) via a GET request for a "%" URI.
CVE-2003-1216 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter.
CVE-2002-1254 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods."
CVE-1999-1431 1 Microsoft 1 Zero Administration Kit 2026-04-16 N/A
ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.
CVE-2002-1257 1 Microsoft 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more 2026-04-16 N/A
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail.
CVE-2002-1260 1 Microsoft 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more 2026-04-16 N/A
The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet.
CVE-2000-0892 2 Caldera, U Win 2 Openlinux, U Win 2026-04-16 N/A
Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.
CVE-2001-1229 3 Icecast, Libshout, Redhat 3 Icecast, Libshout, Powertools 2026-04-16 N/A
Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
CVE-2000-1192 1 Btt Software 1 Snmp Trap Watcher 2026-04-16 N/A
Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap.
CVE-2000-1194 1 Argosoft 1 Ftp Server 2026-04-16 N/A
Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands.
CVE-2001-0001 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.
CVE-2002-1264 1 Oracle 1 Oracle9i 2026-04-16 N/A
Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL.