Export limit exceeded: 362808 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362808 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0232 1 Ibrow 1 News Desk 2026-04-16 N/A
newsdesk.cgi in News Desk 1.2 allows remote attackers to read arbitrary files via shell metacharacters.
CVE-2004-2253 1 Netwin 1 Surgeldap 2026-04-16 N/A
Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.
CVE-2001-0197 2 Icecast, Redhat 3 Icecast, Linux, Powertools 2026-04-16 N/A
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.
CVE-2001-0189 1 Intranet-server 1 Localweb2000 2026-04-16 N/A
Directory traversal vulnerability in LocalWEB2000 HTTP server allows remote attackers to read arbitrary commands via a .. (dot dot) attack in an HTTP GET request.
CVE-2001-0183 1 Freebsd 1 Freebsd 2026-04-16 N/A
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.
CVE-2001-0181 1 Caldera 3 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver 2026-04-16 N/A
Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.
CVE-2000-0818 1 Oracle 1 Listener 2026-04-16 N/A
The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands.
CVE-2000-0835 1 Sambar 1 Sambar Server 2026-04-16 N/A
search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter.
CVE-2004-0820 1 Nullsoft 1 Winamp 2026-04-16 N/A
Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
CVE-2004-2138 1 Allwebscripts 1 Mysqlguest 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
CVE-2000-0846 1 Ashley Montanaro 1 Darxite 2026-04-16 N/A
Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.
CVE-2000-0751 3 Netbsd, Openbsd, Redhat 3 Netbsd, Openbsd, Linux 2026-04-16 N/A
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
CVE-2004-2140 1 Yabb 1 Yabb 2026-04-16 N/A
CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable.
CVE-2000-0853 1 Yabb 1 Yabb 2026-04-16 N/A
YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2000-0860 1 Php 1 Php 2026-04-16 N/A
The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
CVE-2004-0831 1 Mcafee 1 Virusscan 2026-04-16 N/A
McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges.
CVE-2000-0871 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server.
CVE-2003-1400 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter.
CVE-2004-0832 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
CVE-2000-0897 1 Max Feoktistov 1 Small Http Server 2026-04-16 N/A
Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed.