Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1702 1 Deltascripts 1 Php Classifieds 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter.
CVE-2004-0496 5 Gentoo, Linux, Mandrakesoft and 2 more 13 Linux, Linux Kernel, Mandrake Linux and 10 more 2026-04-16 N/A
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
CVE-2000-0133 1 H. Nomura 1 Tiny Ftpdaemon 2026-04-16 N/A
Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands.
CVE-2002-2079 2 Mosix Project, Openmosix Project 2 Mosix, Openmosix 2026-04-16 N/A
mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attackers to cause a denial of service via malformed packets.
CVE-2000-0138 2026-04-16 N/A
A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream, or (6) shaft.
CVE-2002-1703 1 Mewsoft 1 Netauction 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter.
CVE-2000-0143 2 Openbsd, Ssh 2 Openssh, Ssh 2026-04-16 N/A
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
CVE-2002-1704 1 Zeroboard 1 Zeroboard 2026-04-16 N/A
Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remote attackers to execute arbitrary PHP code by modifying the _zb_path parameter to reference a URL on a remote web server that contains the code.
CVE-2000-0147 1 Sco 1 Openserver 2026-04-16 N/A
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.
CVE-2004-1465 1 Winzip 1 Winzip 2026-04-16 N/A
Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line.
CVE-2000-0149 1 Zeus Technologies 1 Zeus Web Server 2026-04-16 N/A
Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.
CVE-2004-0497 7 Conectiva, Gentoo, Linux and 4 more 9 Linux, Linux, Linux Kernel and 6 more 2026-04-16 N/A
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2002-2088 1 Mosix Project 1 Clump Os 2026-04-16 N/A
The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access.
CVE-2000-0225 1 Deti Fliegl 1 Poc32 2026-04-16 N/A
The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled.
CVE-2002-1782 1 University Of Washington 1 Uw-imap 2026-04-16 N/A
The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
CVE-2004-0538 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user.
CVE-2004-1474 1 Symantec 12 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r and 9 more 2026-04-16 N/A
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
CVE-2000-0226 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."
CVE-2002-1783 1 Php 1 Php 2026-04-16 N/A
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.
CVE-2004-0539 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code.