Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4567 | 1 Floosietek | 1 Ftgate | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.fts, or the param1 parameter to (2) /domains/index.fts, (3) /config/licence.fts, or (4) /config/systemacl.fts. | ||||
| CVE-2001-0544 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table. | ||||
| CVE-2006-3408 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Unspecified vulnerability in the directory server (dirserver) in Tor before 0.1.1.20 allows remote attackers to cause an unspecified denial of service via unknown vectors. | ||||
| CVE-2005-4568 | 1 Floosietek | 1 Ftgate | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allow remote attackers to execute arbitrary code via format string specifiers in the (1) USER, (2) PASS, and (3) TOP commands to the POP3 server; and the (4) LIST and (5) AUTHENTICATE commands to the IMAP server. | ||||
| CVE-2006-3409 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, which result in a buffer overflow when elements are added to smartlists. | ||||
| CVE-2005-4569 | 1 Floosietek | 1 Ftgate | 2026-04-16 | N/A |
| Stack-based buffer overflow in index.fts in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allows remote attackers to execute arbitrary code via a long tzoffset value. | ||||
| CVE-2006-3410 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit nodes," which allows remote attackers to conduct unspecified statistical attacks. | ||||
| CVE-2001-0545 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. | ||||
| CVE-2001-0547 | 1 Microsoft | 1 Isa Server | 2026-04-16 | N/A |
| Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial of service (resource exhaustion). | ||||
| CVE-2006-3411 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys. | ||||
| CVE-2001-0660 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, allows remote attackers to identify valid user email addresses by directly accessing a back-end function that processes the global address list (GAL). | ||||
| CVE-2005-4570 | 1 Fortinet | 3 Forticlient, Fortimanager, Fortios | 2026-04-16 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2005-4571 | 1 Myezshop | 1 Myezshop Shopping Cart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4572 | 1 Myezshop | 1 Myezshop Shopping Cart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in myEZshop Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) GroupsId and (2) ItemsId parameters in admin.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2001-0663 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets. | ||||
| CVE-2006-3414 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution. | ||||
| CVE-2005-4574 | 1 Paperthin | 1 Commonspot Content Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter. | ||||
| CVE-2005-4575 | 1 Paperthin | 1 Commonspot Content Server | 2026-04-16 | N/A |
| PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message. | ||||
| CVE-2005-4576 | 1 Fatwire | 1 Updateengine | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the UpdateEngine program in Fatwire UpdateEngine 6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) COUNTRYNAME, (2) EMAIL, and (3) FUELAP_TEMPLATENAME parameters. | ||||
| CVE-2003-1146 | 1 John Beatty | 1 Easy Php Photo Album | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | ||||