Export limit exceeded: 367123 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 367123 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367123 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2271 | 1 Bigfun | 1 Bigfun | 2026-04-16 | N/A |
| Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string. | ||||
| CVE-2002-2274 | 1 Akfingerd | 1 Akfingerd | 2026-04-16 | N/A |
| akfingerd 0.5 allows local users to read arbitrary files as the akfingerd user (nobody) via a symlink attack on the .plan file. | ||||
| CVE-2002-2275 | 1 Fortres Grand Corporation | 1 Fortres | 2026-04-16 | N/A |
| Fortres 101 4.1 allows local users to bypass Fortres by pressing the Windows and "F" key together for 30 seconds, which opens multiple windows and eventually causes explorer.exe to crash, which then opens an unrestricted explorer.exe. | ||||
| CVE-2002-2276 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | N/A |
| Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error message. | ||||
| CVE-2001-1038 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2026-04-16 | N/A |
| Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023. | ||||
| CVE-2002-2282 | 1 Mcafee | 1 Virusscan | 2026-04-16 | N/A |
| McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs. | ||||
| CVE-2002-2292 | 1 Halycon Software | 1 Iasp | 2026-04-16 | N/A |
| Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095. | ||||
| CVE-2003-0423 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter. | ||||
| CVE-2003-0460 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service. | ||||
| CVE-2004-1871 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ppuser, (2) password, (3) stype, (4) perpage, (5) sort, (6) page, (7) si, or (8) cat parameters to showmembers.php, or the (9) photo name, (10) photo description, (11) album name, or (12) album description fields. | ||||
| CVE-2004-2158 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php. | ||||
| CVE-2006-3538 | 1 Beatificfaith | 1 Eprayer | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in demo.php in BeatificFaith Eprayer Alpha allow remote attackers to inject arbitrary web script or HTML via the SRC attribute of a SCRIPT element in the (1) "Your name" field and (2) "Enter Prayer Request here" field. | ||||
| CVE-2006-4379 | 1 Ipswitch | 3 Imail Plus, Imail Secure Server, Ipswitch Collaboration Suite | 2026-04-16 | N/A |
| Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character. | ||||
| CVE-2001-1047 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork. | ||||
| CVE-2000-0836 | 1 Broadgun Software | 1 Camshot Webcam | 2026-04-16 | N/A |
| Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to execute arbitrary commands via a long Authorization header. | ||||
| CVE-2001-0114 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite arbitrary files via the cgidir parameter. | ||||
| CVE-2002-2306 | 1 Kazaa | 1 Kazaa Media Desktop | 2026-04-16 | N/A |
| Sharman Networks KaZaA Media Desktop 1.7.1 allows remote attackers to cause a denial of service (CPU consumption) by sending several large messages. | ||||
| CVE-2004-2730 | 1 Microsoft | 11 Psexec, Psgetsid, Psinfo and 8 more | 2026-04-16 | N/A |
| Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) PsSuspend before 1.05, and (10) PsShutdown before 2.32, does not properly disconnect from remote IPC$ and ADMIN$ shares, which allows local users to access the shares with elevated privileges by using the existing share mapping. | ||||
| CVE-2004-2731 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function. | ||||
| CVE-2004-2733 | 1 Webwiz | 1 Web Wiz Forums | 2026-04-16 | N/A |
| Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to (1) block arbitrary IP addresses via pop_up_ip_blocking.asp or (2) modify topics via pop_up_topic_admin.asp. | ||||