Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1829 | 1 Openbb | 1 Openbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to inject arbitrary web script or HTML via (1) myhome.php, (2) an onerror attribute in an IMG tag (a variant of CVE-2002-0330), or (3) a glow tag. | ||||
| CVE-2004-2459 | 1 Gnu | 1 Gnubiff | 2026-04-16 | N/A |
| Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. | ||||
| CVE-2000-0249 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. | ||||
| CVE-2000-0250 | 1 Qnx | 1 Qnx | 2026-04-16 | N/A |
| The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords. | ||||
| CVE-2005-0613 | 1 Fckeditor | 1 Fckeditor | 2026-04-16 | N/A |
| Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files. | ||||
| CVE-2000-0251 | 1 Hp | 2 Hp-ux, Vvos | 2026-04-16 | N/A |
| HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. | ||||
| CVE-2002-1830 | 1 Openbb | 1 Openbb | 2026-04-16 | N/A |
| Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to bypass authentication and access modifier options via a direct request to moderator.php with the action and ismod parameters. | ||||
| CVE-2004-1484 | 1 Socat | 1 Socat | 2026-04-16 | N/A |
| Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message. | ||||
| CVE-2004-2131 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. | ||||
| CVE-2000-0252 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2026-04-16 | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable. | ||||
| CVE-2004-1485 | 2 Gnu, Tftp | 2 Inetutils, Tftp | 2026-04-16 | N/A |
| Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | ||||
| CVE-2000-0253 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2026-04-16 | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2002-1832 | 1 Scaramanga | 1 Firestorm Ids | 2026-04-16 | N/A |
| Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service (crash) via certain IP options. | ||||
| CVE-2004-0551 | 1 Cisco | 24 Catalyst 2901, Catalyst 2902, Catalyst 2926 and 21 more | 2026-04-16 | N/A |
| Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack." | ||||
| CVE-2000-0254 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2026-04-16 | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | ||||
| CVE-2002-1833 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2026-04-16 | N/A |
| The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges. | ||||
| CVE-2004-0552 | 1 Sophos | 1 Small Business Suite | 2026-04-16 | N/A |
| Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed. | ||||
| CVE-2004-1486 | 1 Hp | 2 Cluster Object Manager, Serviceguard | 2026-04-16 | N/A |
| Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and Cluster Object Manager A.01.03 and B.01.04 through B.03.00.01 on HP-UX, Serviceguard A.11.14.04 and A.11.15.04 and Cluster Object Manager B.02.01.02 and B.02.02.02 on HP Linux, allow remote attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2004-2132 | 1 Pj Cgi Neo Review | 1 Pj Cgi Neo Review | 2026-04-16 | N/A |
| Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. | ||||
| CVE-2004-2373 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. | ||||