Search Results (363993 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0039 2 Isc, Redhat 2 Dhcpd, Linux 2026-04-16 N/A
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.
CVE-2005-2333 1 Seo-board 1 Seo-board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in smilies_popup.php in SEO-Board 1.0 allows remote attackers to inject arbitrary web script or HTML via the doc parameter.
CVE-2005-4393 1 E-publish 1 E-publish 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in show.cfm in e-publish CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) obcatid and (2) comid parameters.
CVE-2003-0040 2 Double Precision Incorporated, Inter7 2 Courier Mta, Courier-imap 2026-04-16 N/A
SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.
CVE-2003-0042 1 Apache 1 Tomcat 2026-04-16 N/A
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
CVE-2005-2334 1 Y.sak 1 Y.sak 2026-04-16 N/A
Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi.
CVE-2003-0043 1 Apache 1 Tomcat 2026-04-16 N/A
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
CVE-2000-0042 1 Csm 1 Mail Server 2026-04-16 N/A
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
CVE-2000-0032 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
CVE-1999-0959 1 Sgi 1 Irix 2026-04-16 N/A
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.
CVE-2006-2908 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier.
CVE-2000-0367 1 Michael Jennings 1 Eterm 2026-04-16 N/A
Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges.
CVE-2000-0293 1 Suse 1 Suse Linux 2026-04-16 N/A
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.
CVE-2000-0023 1 Lotus 1 Domino Server 2026-04-16 N/A
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
CVE-2002-2078 1 Floosietek 2 Ftgateoffice, Ftgatepro 2026-04-16 N/A
Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command.
CVE-1999-0956 1 Next 1 Nextstep 2026-04-16 N/A
The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service.
CVE-2002-2073 1 Microsoft 3 Site Server, Site Server Commerce, Windows Nt 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.
CVE-2006-2902 1 Particle Soft 1 Particle Links 2026-04-16 N/A
Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arbitrary files via ".." sequences in an HTTP request. NOTE: it is not clear whether this issue is legitimate, as the original researcher seems unsure.
CVE-2000-0381 1 Gossamer Threads 1 Dbman 2026-04-16 N/A
The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter.
CVE-2000-0357 1 Redhat 1 Linux 2026-04-16 N/A
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.