Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1625 1 Macromedia 1 Flash Player 2026-04-16 N/A
Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (2) loadSound commands, which continue to execute until the browser is closed.
CVE-2004-0475 1 Microsoft 1 Ie 2026-04-16 N/A
The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041.
CVE-2004-1455 1 Xine 1 Xine-lib 2026-04-16 N/A
Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL.
CVE-2004-2107 1 Finjan Software 1 Surfingate 2026-04-16 N/A
Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.
CVE-2000-0050 1 Allaire 1 Spectra 2026-04-16 N/A
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
CVE-2002-1634 1 Novell 1 Netware 2026-04-16 N/A
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl.
CVE-2000-0051 1 Allaire 1 Spectra 2026-04-16 N/A
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL.
CVE-2000-1227 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.
CVE-2000-0052 3 Mandrakesoft, Redhat, Turbolinux 3 Mandrake Linux, Linux, Turbolinux 2026-04-16 N/A
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
CVE-2000-1230 1 Phorum 1 Phorum 2026-04-16 N/A
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
CVE-2000-0054 1 Solution Scripts 1 Home Free 2026-04-16 N/A
search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack.
CVE-2000-0055 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.
CVE-2002-1635 1 Oracle 1 Application Server 2026-04-16 N/A
The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin.
CVE-2004-0477 1 3com 1 3cp4144 2026-04-16 N/A
Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router allows remote attackers to bypass authentication via repeated attempts using any username and password. NOTE: this identifier was inadvertently re-used for another issue due to a typo; that issue was assigned CVE-2004-0447. This candidate is ONLY for the ADSL router bypass.
CVE-2000-0056 1 Ipswitch 1 Imail 2026-04-16 N/A
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
CVE-2002-1643 1 Realnetworks 1 Helix Universal Server 2026-04-16 N/A
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET requests with long arguments.
CVE-2004-0484 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to cause a denial of service (crash) via a table containing a form that crosses multiple td elements, and whose "float: left" class is defined in a link to a CSS stylesheet after the end of the table, which may trigger a null dereference.
CVE-2000-0057 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information.
CVE-2002-1652 1 Mit 1 Cgiemail 2026-04-16 N/A
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter.
CVE-2000-0058 1 Handspring 1 Visor Network Hotsync 2026-04-16 N/A
Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files.