Export limit exceeded: 345093 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345093 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3933 | 1 88script | 1 88script Event Calendar | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in 88Script's Event Calendar 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter. | ||||
| CVE-2005-4833 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| IBM WebSphere Application Server (WAS) 6.0 before 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote attackers to obtain the JSP source code and other sensitive information via "a specific JSP URL," related to lack of normalization of the URL format. | ||||
| CVE-2006-0681 | 1 Power Daemon | 1 Power Daemon | 2026-04-16 | N/A |
| Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable. | ||||
| CVE-2006-1463 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value. | ||||
| CVE-2001-0958 | 1 Trend Micro | 2 Interscan Emanager, Interscan Viruswall | 2026-04-16 | N/A |
| Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote attackers to execute arbitrary code via long arguments to the CGI programs (1) register.dll, (2) ContentFilter.dll, (3) SFNofitication.dll, (4) register.dll, (5) TOP10.dll, (6) SpamExcp.dll, and (7) spamrule.dll. | ||||
| CVE-2001-0959 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2026-04-16 | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | ||||
| CVE-2001-0968 | 1 Knox Software | 1 Arkeia | 2026-04-16 | N/A |
| Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges. | ||||
| CVE-2001-0985 | 1 Hassan Consulting | 1 Shopping Cart | 2026-04-16 | N/A |
| shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter. | ||||
| CVE-2001-0986 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo. | ||||
| CVE-2003-0971 | 2 Gnu, Redhat | 3 Privacy Guard, Enterprise Linux, Linux | 2026-04-16 | N/A |
| GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature. | ||||
| CVE-2003-0972 | 1 Gnu | 1 Screen | 2026-04-16 | N/A |
| Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow. | ||||
| CVE-2003-0973 | 2 Apache, Redhat | 3 Mod Python, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string. | ||||
| CVE-2003-0974 | 1 Applied Watch Technologies | 1 Applied Watch Command Center | 2026-04-16 | N/A |
| Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c. | ||||
| CVE-2003-0975 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2026-04-16 | N/A |
| Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | ||||
| CVE-2003-0976 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. | ||||
| CVE-2003-0977 | 3 Cvs, Redhat, Slackware | 4 Cvs, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests. | ||||
| CVE-2003-0978 | 1 Gnu | 1 Privacy Guard | 2026-04-16 | N/A |
| Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval. | ||||
| CVE-2003-0981 | 1 Freescripts | 1 Visitorbook Le | 2026-04-16 | 6.1 Medium |
| FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks. | ||||
| CVE-2003-0726 | 1 Realnetworks | 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player | 2026-04-16 | N/A |
| RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag. | ||||
| CVE-2003-0730 | 3 Netbsd, Redhat, Xfree86 Project | 4 Netbsd, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | ||||