Export limit exceeded: 364938 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364938 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1049 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.
CVE-2005-2644 1 Isemarket 1 Jaguarcontrol 2026-04-16 N/A
Buffer overflow in JaguarEditControl.dll in Isemarket JaguarControl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Jtext field.
CVE-2003-1077 1 Sun 1 Solaris 2026-04-16 N/A
Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang).
CVE-2003-1347 1 Geeklog 1 Geeklog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
CVE-2003-1146 1 John Beatty 1 Easy Php Photo Album 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
CVE-2003-1199 1 Myproxy 1 Myproxy 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2005-2648 1 W-agora 1 W-agora 2026-04-16 N/A
Directory traversal vulnerability in index.php in W-Agora 4.2.0 and earlier allows remote attackers to read arbitrary files via the site parameter.
CVE-2005-2649 1 Adaptive Technology Resource Centre 1 Atutor 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
CVE-2005-3726 1 Interspire 1 Articlelive Nx 2026-04-16 N/A
SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows remote attackers to execute arbitrary SQL commands via the Query parameter.
CVE-2005-2651 1 Phpoutsourcing 1 Zorum 2026-04-16 N/A
gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter.
CVE-2005-2652 1 Phpoutsourcing 1 Zorum 2026-04-16 N/A
Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to (1) gorum/notification.php, (2) user.php, (3) attach.php, (4) blacklist.php, (5) zorum/forum.php, (6) globalstat.php, (7) gorum/trace.php, (8) gorum/badwords.php, or (9) gorum/flood.php.
CVE-2005-2653 1 Bbcaffe 1 Bbcaffe 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows remote attackers to inject arbitrary web script or HTML via e-mail data in a message.
CVE-2005-3384 1 Techno Dreams 1 Techno Dreams Guest Book 2026-04-16 N/A
SQL injection vulnerability in Techno Dreams Guest Book script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp.
CVE-2004-0054 1 Cisco 1 Ios 2026-04-16 N/A
Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
CVE-2004-0062 1 Fishnet 1 Fishcart 2026-04-16 N/A
Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity.
CVE-2004-0067 1 Phpgedview 1 Phpgedview 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. NOTE: some aspects of vector 10 were later reported to affect 4.1.
CVE-2004-0084 3 Openbsd, Redhat, Xfree86 Project 4 Openbsd, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.
CVE-2004-0085 1 Apple 1 Mac Os X 2026-04-16 N/A
Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086.
CVE-2004-0092 1 Apple 1 Mac Os X 2026-04-16 N/A
Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.
CVE-2004-0094 2 Redhat, Xfree86 Project 2 Enterprise Linux, X11r6 2026-04-16 N/A
Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).