Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2259 | 2 Beasts, Redhat | 2 Vsftpd, Enterprise Linux | 2026-04-16 | N/A |
| vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. | ||||
| CVE-2001-1063 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument. | ||||
| CVE-2003-0484 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter. | ||||
| CVE-2004-1711 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. | ||||
| CVE-2004-2412 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp. | ||||
| CVE-2001-1065 | 1 Cisco | 1 Cbos | 2026-04-16 | N/A |
| Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. | ||||
| CVE-2003-0485 | 1 Progress | 1 4gl Compiler | 2026-04-16 | N/A |
| Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary code via source code containing a long, invalid data type. | ||||
| CVE-2004-1712 | 1 Typepad | 1 Typepad | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name parameter. | ||||
| CVE-2001-1066 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2003-0486 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter. | ||||
| CVE-2004-1713 | 1 Hp | 2 Process Resource Manager, Workload Manager | 2026-04-16 | N/A |
| Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files. | ||||
| CVE-2001-1067 | 1 Aol | 1 Aol Server | 2026-04-16 | N/A |
| Buffer overflow in AOLserver 3.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via an HTTP request with a long Authorization header. | ||||
| CVE-2003-0487 | 1 Kerio | 1 Kerio Mailserver | 2026-04-16 | N/A |
| Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module. | ||||
| CVE-2001-1068 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | N/A |
| qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system. | ||||
| CVE-2003-0488 | 1 Kerio | 1 Kerio Mailserver | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module. | ||||
| CVE-2001-1069 | 1 Adobe | 1 Acrobat Reader | 2026-04-16 | N/A |
| libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. | ||||
| CVE-2006-4910 | 1 Cisco | 2 Ids Sensor Software, Ips Sensor Software | 2026-04-16 | N/A |
| The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. | ||||
| CVE-2005-3469 | 1 News2net | 1 News2net | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in News2Net 3.0.0.0 allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2005-3470 | 1 Mailscanner | 1 Mailscanner | 2026-04-16 | N/A |
| SQL injection vulnerability in in the authenticate function in MailWatch for MailScanner 1.0.2 allows remote attackers to execute arbitrary SQL commands. | ||||
| CVE-2006-4911 | 1 Cisco | 1 Ips Sensor Software | 2026-04-16 | N/A |
| Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets". | ||||