Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2087 1 Borland Software 1 Interbase 2026-04-16 N/A
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
CVE-2000-0402 1 Microsoft 1 Sql Server 2026-04-16 N/A
The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability.
CVE-2002-2096 1 Novell 1 Netware 2026-04-16 N/A
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
CVE-2004-1546 1 Alt-n 1 Mdaemon 2026-04-16 N/A
Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server.
CVE-2004-2159 1 Xmlstarlet 1 Command Line Xml Toolkit 2026-04-16 N/A
Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c.
CVE-2005-3015 1 Ibm 2 Lotus Domino, Lotus Domino Enterprise Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.
CVE-2000-0403 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability.
CVE-2002-2106 1 Wikkitikkitavi 1 Wikkitikkitavi 2026-04-16 N/A
PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.
CVE-2004-1547 1 Onnuri Infotek 1 Activepost Standard 2026-04-16 N/A
The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long filename, possibly triggering a buffer overflow.
CVE-2000-0404 1 Microsoft 5 Terminal Server, Windows 2000, Windows 95 and 2 more 2026-04-16 N/A
The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability.
CVE-2002-2115 1 Hns 2 Hns, Hns-lite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Hyper NIKKI System (HNS) Lite before 0.9 and HNS before 2.10-pl2 allows remote attackers to inject arbitrary web script or HTML.
CVE-2004-0639 3 Open Webmail, Sgi, Squirrelmail 3 Open Webmail, Propack, Squirrelmail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.
CVE-2004-1548 1 Onnuri Infotek 1 Activepost Standard 2026-04-16 N/A
Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. (dot dot) in the filename.
CVE-2000-0405 1 Atstake 1 Antisniff 2026-04-16 N/A
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
CVE-2002-2124 1 Nylon 1 Nylon 2026-04-16 N/A
The recvn and sendn functions in nylon 0.2 do not check when the recv function call returns 0, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) by closing the connection while recv is executing.
CVE-2004-0640 2 Netkit, Ssltelnetd 2 Linux Netkit, Secure Telnet 2026-04-16 N/A
Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.
CVE-2004-1549 1 Onnuri Infotek 1 Activepost Standard 2026-04-16 N/A
The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection.
CVE-2004-2160 1 Xmlstarlet 1 Command Line Xml Toolkit 2026-04-16 N/A
Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-2383 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes the target domain, then forcing the frameset to maintain focus. NOTE: the discloser claimed that the vendor does not categorize this as a vulnerability, but it can be used in a spoofing scenario; the discloser provides alternate scenarios. Spoofing scenarios are currently included in CVE.
CVE-2004-2434 1 Microsoft 1 Ie 2026-04-16 N/A
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string.