Export limit exceeded: 363818 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363818 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1490 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes. | ||||
| CVE-2002-1486 | 1 Cerulean Studios | 1 Trillian | 2026-04-16 | N/A |
| Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server. | ||||
| CVE-2005-2157 | 1 Nabocorp | 1 Nabopoll | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter. | ||||
| CVE-2005-2155 | 1 Easyphpcalendar | 1 Easyphpcalendar | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and earlier allows remote attackers to execute arbitrary code via the serverPath parameter. | ||||
| CVE-2002-1483 | 1 Db4web | 1 Db4web | 2026-04-16 | N/A |
| db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot). | ||||
| CVE-2005-2154 | 1 Osticket | 1 Osticket Sts | 2026-04-16 | N/A |
| PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter. | ||||
| CVE-2002-1481 | 1 Phpgb | 1 Phpgb | 2026-04-16 | N/A |
| savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php. | ||||
| CVE-2005-2153 | 1 Osticket | 1 Osticket Sts | 2026-04-16 | N/A |
| SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable. | ||||
| CVE-2002-1480 | 1 Phpgb | 1 Phpgb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into guestbook pages, which is executed when the administrator deletes the entry. | ||||
| CVE-2002-1470 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file. | ||||
| CVE-2002-1463 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2026-04-16 | N/A |
| Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | ||||
| CVE-2005-2151 | 1 Double Precision Incorporated | 1 Courier Mail Server | 2026-04-16 | N/A |
| spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption. | ||||
| CVE-2002-1460 | 1 Leszek Krupinski | 1 L-forum | 2026-04-16 | N/A |
| L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files. | ||||
| CVE-2002-1451 | 1 Desiderata Software | 1 Blazix | 2026-04-16 | N/A |
| Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character. | ||||
| CVE-2000-0003 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. | ||||
| CVE-1999-0936 | 2026-04-16 | N/A | ||
| BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters. | ||||
| CVE-2002-1444 | 2 Google, Microsoft | 2 Toolbar, Internet Explorer | 2026-04-16 | N/A |
| The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function. | ||||
| CVE-1999-0934 | 2026-04-16 | N/A | ||
| classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. | ||||
| CVE-2000-0290 | 1 4d | 1 Webstar Http Server | 2026-04-16 | N/A |
| Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request. | ||||
| CVE-2006-2868 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php. | ||||