Export limit exceeded: 363854 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363854 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4293 1 Kryptronic 1 Clickcartpro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.
CVE-2002-1871 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.
CVE-2005-2207 1 Elemental Software 1 Cartwiz 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2002-1872 1 Microsoft 1 Sql Server 2026-04-16 7.5 High
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password.
CVE-2002-1873 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote attackers to cause a denial of service (crash or memory consumption) via malformed MSRPC calls.
CVE-2005-2208 1 Privashare 1 Privashare 2026-04-16 N/A
PrivaShare 1.1b allows remote attackers to cause a denial of service (crash) via a malformed message.
CVE-2005-4294 1 Alkacon 1 Opencms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the username in the login page.
CVE-2002-1881 1 Macromedia 1 Flash Player 2026-04-16 N/A
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.
CVE-2005-2210 1 Tonec Inc. 1 Internet Download Manager 2026-04-16 N/A
Stack-based buffer overflow in Internet Download Manager 4.05 allows remote attackers to execute arbitrary code via a long URL.
CVE-2005-4295 1 Xigla 1 Absolute Image Gallery Xe 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.x allows remote attackers to inject arbitrary web script or HTML via the text parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2002-1882 1 Oracle 1 E-business Suite 2026-04-16 N/A
Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors.
CVE-2005-2211 1 Sukria 1 Backup Manager 2026-04-16 N/A
Backup Manager 0.5.8a creates temporary files insecurely, which allows local users to conduct unauthorized file operations when a user is burning a CDR.
CVE-2002-1891 1 Ayman Akt 1 Ircit 2026-04-16 N/A
Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request.
CVE-2002-1892 1 Netgear 1 Fvs318 2026-04-16 N/A
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.
CVE-2002-1895 1 Apache 1 Tomcat 2026-04-16 N/A
The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.
CVE-2005-2212 1 Sukria 1 Backup Manager 2026-04-16 N/A
Backup Manager 0.5.8a creates an archive repository with world readable and writable permissions, which allows attackers to modify or read the repository.
CVE-2002-1898 1 Apple 2 Mac Os X, Terminal 2026-04-16 N/A
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
CVE-2005-4296 1 Appserv Open Project 1 Appserv 2026-04-16 N/A
AppServ Open Project 2.5.3 allows remote attackers to cause a denial of service via a large HTTP request.
CVE-2002-1900 1 Pinboard 1 Pinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists.
CVE-2005-2215 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888.