Export limit exceeded: 363820 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363820 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2165 1 Globalnotescript 1 Globalnotescript 2026-04-16 N/A
read.cgi in GlobalNoteScript allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameters.
CVE-1999-0940 1 Mutt 1 Mutt Mail Client 2026-04-16 N/A
Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages.
CVE-2005-2164 1 Covide Groupware-crm 1 Covide 2026-04-16 N/A
SQL injection vulnerability in Covide Groupware-CRM allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2002-1541 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash).
CVE-2005-4266 1 Alt-n 2 Mdaemon, Worldclient 2026-04-16 N/A
WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value.
CVE-2005-2163 1 Autoindex 1 Php Script 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in AutoIndex PHP Script 1.5.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2002-1531 1 Surfcontrol 1 Superscout Email Filter 2026-04-16 N/A
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter.
CVE-2006-2876 1 Deltascripts 1 Php Pro Publish 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2002-1522 1 Cooolsoft 1 Powerftp 2026-04-16 N/A
Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.
CVE-2005-2162 1 Levcgi.com 1 Myguestbook 2026-04-16 N/A
PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang parameter.
CVE-2002-1520 2 Rapidstream, Watchguard 2 Rapidstream, Firebox 2026-04-16 N/A
The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges.
CVE-2002-1510 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, X11r6 2026-04-16 N/A
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.
CVE-2005-2161 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote attackers to inject arbitrary web script or HTML via nested [url] tags.
CVE-2002-1509 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
CVE-1999-0938 1 University College London 1 Sdr 2026-04-16 N/A
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages.
CVE-1999-0937 2026-04-16 N/A
BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.
CVE-2002-1507 1 Epic Games 1 Unreal Tournament Server 2026-04-16 N/A
Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of service via malformed messages containing a small number of characters to UDP ports 7778 or 10777.
CVE-2005-2159 1 Planetdns 1 Planetfileserver 2026-04-16 N/A
mshftp.dll in PlanetDNS PlanetFileServer 2.0.1.3 allows remote attackers to cause a denial of service (application crash) via a long request.
CVE-2002-1504 1 Radiobird Software 1 Webserver 4 Everyone 2026-04-16 N/A
Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a URL.
CVE-2005-2158 1 Jboss 1 Jbpm 2026-04-16 N/A
A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows remote attackers to execute arbitrary comands, a re-introduction of a vulnerability that was originally identified by CVE-2003-0845.