Export limit exceeded: 361128 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361128 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1009 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges. | ||||
| CVE-2005-3944 | 1 Faq System | 1 Faq System | 2026-04-16 | N/A |
| SQL injection vulnerability in survey.php in ilyav Survey System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the SURVEY_ID parameter. | ||||
| CVE-2003-1014 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2026-04-16 | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients. | ||||
| CVE-2003-1029 | 1 Lbl | 1 Tcpdump | 2026-04-16 | N/A |
| The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets. | ||||
| CVE-2003-1031 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation." | ||||
| CVE-2003-1049 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | N/A |
| IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. | ||||
| CVE-2005-2644 | 1 Isemarket | 1 Jaguarcontrol | 2026-04-16 | N/A |
| Buffer overflow in JaguarEditControl.dll in Isemarket JaguarControl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Jtext field. | ||||
| CVE-2003-1077 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang). | ||||
| CVE-2003-1347 | 1 Geeklog | 1 Geeklog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field. | ||||
| CVE-2003-1146 | 1 John Beatty | 1 Easy Php Photo Album | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | ||||
| CVE-2003-1199 | 1 Myproxy | 1 Myproxy | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2005-2648 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in W-Agora 4.2.0 and earlier allows remote attackers to read arbitrary files via the site parameter. | ||||
| CVE-2005-2649 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php. | ||||
| CVE-2005-3726 | 1 Interspire | 1 Articlelive Nx | 2026-04-16 | N/A |
| SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows remote attackers to execute arbitrary SQL commands via the Query parameter. | ||||
| CVE-2005-2651 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter. | ||||
| CVE-2005-2652 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to (1) gorum/notification.php, (2) user.php, (3) attach.php, (4) blacklist.php, (5) zorum/forum.php, (6) globalstat.php, (7) gorum/trace.php, (8) gorum/badwords.php, or (9) gorum/flood.php. | ||||
| CVE-2005-2653 | 1 Bbcaffe | 1 Bbcaffe | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows remote attackers to inject arbitrary web script or HTML via e-mail data in a message. | ||||
| CVE-2005-3384 | 1 Techno Dreams | 1 Techno Dreams Guest Book | 2026-04-16 | N/A |
| SQL injection vulnerability in Techno Dreams Guest Book script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp. | ||||
| CVE-2004-0054 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | ||||
| CVE-2004-0062 | 1 Fishnet | 1 Fishcart | 2026-04-16 | N/A |
| Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity. | ||||