Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2157 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field. | ||||
| CVE-2000-0397 | 1 Seattle Lab Software | 1 Emurl | 2026-04-16 | N/A |
| The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. | ||||
| CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2026-04-16 | N/A |
| Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | ||||
| CVE-2002-2075 | 1 Mirabilis | 1 Icq | 2026-04-16 | N/A |
| ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. | ||||
| CVE-2004-1543 | 1 Korweblog | 1 Korweblog | 2026-04-16 | N/A |
| Directory traversal vulnerability in viewimg.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the path parameter. | ||||
| CVE-2000-0399 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. | ||||
| CVE-2002-2076 | 1 Summit Computer Networks | 1 Lil Http | 2026-04-16 | N/A |
| Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request. | ||||
| CVE-2004-0635 | 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more | 5 Ethereal, Linux, Mandrake Linux and 2 more | 2026-04-16 | N/A |
| The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read. | ||||
| CVE-2004-1544 | 1 Jspwiki | 1 Jspwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and earlier allows remote attackers to execute arbitrary web script as other users via the query parameter. | ||||
| CVE-2002-2080 | 1 Floosietek | 1 Ftgatepro | 2026-04-16 | N/A |
| Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of service (memory and CPU consumption) via a large number of RCPT TO: messages during an SMTP session. | ||||
| CVE-2000-0401 | 1 Pdgsoft | 1 Pdg Shopping Cart | 2026-04-16 | N/A |
| Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string. | ||||
| CVE-2002-2087 | 1 Borland Software | 1 Interbase | 2026-04-16 | N/A |
| Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | ||||
| CVE-2004-0636 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. | ||||
| CVE-2004-1545 | 1 Moniwiki | 1 Moniwiki | 2026-04-16 | N/A |
| UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code. | ||||
| CVE-2004-2158 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php. | ||||
| CVE-2000-0402 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability. | ||||
| CVE-2002-2096 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | ||||
| CVE-2004-1546 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server. | ||||
| CVE-2004-2159 | 1 Xmlstarlet | 1 Command Line Xml Toolkit | 2026-04-16 | N/A |
| Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c. | ||||
| CVE-2000-0403 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability. | ||||