Export limit exceeded: 364251 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364251 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0169 1 Hp 1 Instant Toptools 2026-04-16 N/A
hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop.
CVE-2005-0367 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1.8.7.3 allow remote authenticated users to read, delete, or upload arbitrary files via a .. (dot dot) in (1) the filename of an e-mail attachment, (2) the _msgatt.rec file, (3) and the /msg, /delete, /folderadd, and /folderdelete operations for the Folder parameter.
CVE-2005-0381 1 Forumkit 1 Forumkit 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter.
CVE-2005-0392 1 Debian 1 Ppxp 2026-04-16 N/A
ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands.
CVE-2003-0170 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors.
CVE-2004-0052 3 Clearswift, F-secure, Paul L Daniels 3 Mailsweeper, Internet Gatekeeper, Ripmime 2026-04-16 N/A
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.
CVE-1999-1238 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges.
CVE-2003-0171 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.
CVE-2003-0161 5 Compaq, Hp, Redhat and 2 more 11 Tru64, Hp-ux, Hp-ux Series 700 and 8 more 2026-04-16 N/A
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
CVE-2003-0172 1 Php 1 Php 2026-04-16 N/A
Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument.
CVE-2005-0411 1 Citrusdb 1 Citrusdb 2026-04-16 N/A
Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attackers and local users to include arbitrary PHP files via .. (dot dot) sequences in the load parameter.
CVE-2005-0433 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message.
CVE-1999-1247 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
CVE-2003-0173 2 Sgi, Xfsdump 2 Irix, Xfsdump 2026-04-16 N/A
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.
CVE-2005-0453 1 Lighttpd 1 Lighttpd 2026-04-16 N/A
The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 (null) character after the file extension.
CVE-2002-0682 1 Apache 1 Tomcat 2026-04-16 N/A
Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
CVE-2005-0462 1 Mercuryboard 1 Mercuryboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and 1.1.x allows remote attackers to inject arbitrary HTML and web script via the f parameter.
CVE-2003-0175 1 Sgi 1 Irix 2026-04-16 N/A
SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.
CVE-2003-0177 1 Sgi 1 Irix 2026-04-16 N/A
SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.
CVE-2003-0179 1 Ibm 2 Lotus Domino Web Server, Lotus Notes Client 2026-04-16 N/A
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.