Export limit exceeded: 361388 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361388 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2693 | 1 Nivisec | 1 Hacks List | 2026-04-16 | N/A |
| Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter. | ||||
| CVE-2005-3578 | 1 Walla Telesite | 1 Walla Telesite | 2026-04-16 | N/A |
| SQL injection vulnerability in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary SQL commands via the sug parameter. | ||||
| CVE-2005-3579 | 1 Walla Telesite | 1 Walla Telesite | 2026-04-16 | N/A |
| ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to access arbitrary local files via the querystring. | ||||
| CVE-2006-2694 | 1 Scriptscenter | 1 Ezupload Pro | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.10 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) form.php, (2) customize.php, and (3) initialize.php. | ||||
| CVE-2005-3595 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer. | ||||
| CVE-2005-3596 | 1 Iisworks | 1 Aspknowledgebase | 2026-04-16 | N/A |
| SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password fields in adminlogin.asp. | ||||
| CVE-2005-3619 | 1 Vmware | 1 Esx | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x before 2.5.2 upgrade patch 2, 2.1.x before 2.1.2 upgrade patch 6, and 2.0.x before 2.0.1 upgrade patch 6 allows remote attackers to inject arbitrary web script or HTML via messages that are not sanitized when viewing syslog log files. | ||||
| CVE-2005-3623 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems. | ||||
| CVE-2005-3681 | 1 Xoops | 1 Wf-downloads | 2026-04-16 | N/A |
| SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote attackers to execute arbitrary SQL commands via the list parameter. | ||||
| CVE-2006-2697 | 1 Easy-content Forums | 1 Easy-content Forums | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp. | ||||
| CVE-2004-1120 | 1 Prozilla | 1 Prozilla Download Accelerator | 2026-04-16 | N/A |
| Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header. | ||||
| CVE-2004-1128 | 1 Youngzsoft | 1 Cmailserver | 2026-04-16 | N/A |
| Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename. | ||||
| CVE-2005-3631 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | N/A |
| udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords. | ||||
| CVE-2005-3632 | 2 Netpbm, Redhat | 2 Netpbm, Enterprise Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file. | ||||
| CVE-2005-3633 | 1 Sap | 1 Sap Web Application Server | 2026-04-16 | N/A |
| HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter. | ||||
| CVE-2006-2703 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. | ||||
| CVE-2006-0351 | 1 Don Moore | 1 Mydns | 2026-04-16 | N/A |
| Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors. | ||||
| CVE-2006-2706 | 1 Secure Elements | 1 Class 5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts. | ||||
| CVE-2004-1193 | 1 Prevx | 1 Prevx Home | 2026-04-16 | N/A |
| Prevx Home 1.0 allows local users with administrator privileges to bypass the intrusion prevention features by directly writing to \device\physicalmemory, which restores the running kernel's original SDT ServiceTable. | ||||
| CVE-2005-3684 | 1 Freeftpd | 1 Freeftpd | 2026-04-16 | N/A |
| Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands. | ||||