Export limit exceeded: 364929 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364929 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3261 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2026-04-16 | N/A |
| getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request. | ||||
| CVE-2004-2253 | 1 Netwin | 1 Surgeldap | 2026-04-16 | N/A |
| Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command. | ||||
| CVE-2004-2254 | 1 Netwin | 1 Surgeldap | 2026-04-16 | N/A |
| SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter. | ||||
| CVE-2004-2255 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename. | ||||
| CVE-2004-2257 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | 5.3 Medium |
| phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request. | ||||
| CVE-2005-3262 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename. | ||||
| CVE-2004-2258 | 1 Hummingbird | 1 Exceed | 2026-04-16 | N/A |
| Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab. | ||||
| CVE-2004-2262 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php. | ||||
| CVE-2004-2264 | 1 Gnu | 1 Less | 2026-04-16 | N/A |
| Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed | ||||
| CVE-2005-3263 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name. | ||||
| CVE-2004-2266 | 1 Ansel | 1 Ansel | 2026-04-16 | N/A |
| SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter. | ||||
| CVE-2005-3264 | 1 Zeroblog | 1 Zeroblog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote attackers to inject arbitrary web script or HTML via the threadID parameter. | ||||
| CVE-2004-2269 | 1 Matt Shelton | 1 Pads | 2026-04-16 | N/A |
| Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability. | ||||
| CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2026-04-16 | 7.8 High |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. | ||||
| CVE-2004-2276 | 1 F-secure | 1 F-secure Anti-virus | 2026-04-16 | N/A |
| F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection. | ||||
| CVE-2005-3265 | 1 Skype Technologies | 1 Skype | 2026-04-16 | N/A |
| Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine. | ||||
| CVE-2004-2286 | 2 Activestate, Larry Wall | 2 Activeperl, Perl | 2026-04-16 | N/A |
| Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow. | ||||
| CVE-2004-2294 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2005-3268 | 1 Raphael Bossek | 1 Yiff Server | 2026-04-16 | N/A |
| yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files. | ||||
| CVE-2004-2302 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files. | ||||