Export limit exceeded: 364491 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2174 1 Early Impact 1 Productcart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter.
CVE-2004-0385 1 Oracle 2 Application Server Web Cache, E-business Suite 2026-04-16 N/A
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."
CVE-2001-0007 1 Netscreen 1 Screen Os 2026-04-16 N/A
Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface.
CVE-2001-0010 2 Isc, Redhat 2 Bind, Linux 2026-04-16 N/A
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.
CVE-2001-0022 1 Leif M. Wright 1 Simplestguest.cgi 2026-04-16 N/A
simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter.
CVE-2004-2206 1 Natterchat 1 Natterchat 2026-04-16 N/A
SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2001-0140 3 Immunix, Mandrakesoft, Redhat 3 Immunix, Mandrake Linux, Linux 2026-04-16 N/A
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2001-0151 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
CVE-2004-1018 3 Canonical, Php, Redhat 5 Ubuntu Linux, Php, Enterprise Linux and 2 more 2026-04-16 N/A
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
CVE-2001-0157 1 Palm 1 Palm Os 2026-04-16 N/A
Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled.
CVE-2004-2242 1 Phorum 1 Phorum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter.
CVE-2001-0172 2 Hans Reiser, Suse 2 Reiserfs, Suse Linux 2026-04-16 N/A
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name.
CVE-2001-0181 1 Caldera 3 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver 2026-04-16 N/A
Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.
CVE-2001-0183 1 Freebsd 1 Freebsd 2026-04-16 N/A
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.
CVE-2001-0189 1 Intranet-server 1 Localweb2000 2026-04-16 N/A
Directory traversal vulnerability in LocalWEB2000 HTTP server allows remote attackers to read arbitrary commands via a .. (dot dot) attack in an HTTP GET request.
CVE-2001-0197 2 Icecast, Redhat 3 Icecast, Linux, Powertools 2026-04-16 N/A
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.
CVE-2004-2253 1 Netwin 1 Surgeldap 2026-04-16 N/A
Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.
CVE-2000-0834 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
CVE-2000-0933 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.
CVE-2004-2269 1 Matt Shelton 1 Pads 2026-04-16 N/A
Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability.