Search Results (359575 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2106 1 Wikkitikkitavi 1 Wikkitikkitavi 2026-04-16 N/A
PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.
CVE-2002-2115 1 Hns 2 Hns, Hns-lite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Hyper NIKKI System (HNS) Lite before 0.9 and HNS before 2.10-pl2 allows remote attackers to inject arbitrary web script or HTML.
CVE-2002-2124 1 Nylon 1 Nylon 2026-04-16 N/A
The recvn and sendn functions in nylon 0.2 do not check when the recv function call returns 0, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) by closing the connection while recv is executing.
CVE-2005-4089 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability."
CVE-2005-3274 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2026-04-16 4.7 Medium
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired.
CVE-2002-2137 5 Alloy, D-link, Eusso and 2 more 5 Gl-2422ap-s, Dwl-900ap\+, Gl2422 Ap and 2 more 2026-04-16 N/A
GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.
CVE-2005-2338 1 Xoops 1 Xoops 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 2.0.12 JP and earlier, XOOPS 2.0.13.1 and earlier, and 2.2.x up to 2.2.3 RC1 allow remote attackers to inject arbitrary web script or HTML via (1) modules that use "XOOPS Code" and (2) newbb in the forum module.
CVE-2002-2141 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets and Enterprise JavaBeans (EJB) on more than one server, will remove the security constraints and roles on all servers for any Servlets or EJB that are used by an application that is undeployed on one server, which could allow remote attackers to conduct unauthorized activities in violation of the intended restrictions.
CVE-2005-2340 1 Apple 1 Quicktime 2026-04-16 N/A
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field.
CVE-2005-3285 1 Comersus Open Technologies 1 Comersus Backoffice Plus 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters.
CVE-2002-2148 1 Lucent 3 Ascend Max Router, Ascend Pipeline Router, Dslterminator 2026-04-16 N/A
Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response.
CVE-2005-2341 1 Rim 2 Blackberry Attachment Service, Blackberry Enterprise Server 2026-04-16 N/A
Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service (hang) via an e-mail attachment with a crafted TIFF file.
CVE-2002-2149 1 Lucent 3 Access Point Service Router 1500, Access Point Service Router 300, Access Point Service Router 600 2026-04-16 N/A
Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface.
CVE-2005-2342 1 Rim 2 Blackberry Enterprise Server, Blackberry Router 2026-04-16 N/A
Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.
CVE-2005-3294 1 Typsoft 1 Typsoft Ftp Server 2026-04-16 N/A
Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 is also affected.
CVE-2005-3673 1 Checkpoint 5 Check Point, Express, Firewall-1 and 2 more 2026-04-16 N/A
The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
CVE-2002-2159 1 Linksys 3 Befsr11, Befsr41, Befsru31 2026-04-16 N/A
Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access.
CVE-2005-2343 1 Rim 3 Blackberry, Blackberry Desktop Manager, Blackberry Device Software 2026-04-16 N/A
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.
CVE-2005-3298 1 Suse 1 Suse Linux 2026-04-16 N/A
Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.
CVE-2002-2161 1 Kerio 1 Personal Firewall 2026-04-16 N/A
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood.