Export limit exceeded: 363818 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363818 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1490 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
CVE-2002-1486 1 Cerulean Studios 1 Trillian 2026-04-16 N/A
Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server.
CVE-2005-2157 1 Nabocorp 1 Nabopoll 2026-04-16 N/A
PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter.
CVE-2005-2155 1 Easyphpcalendar 1 Easyphpcalendar 2026-04-16 N/A
PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and earlier allows remote attackers to execute arbitrary code via the serverPath parameter.
CVE-2002-1483 1 Db4web 1 Db4web 2026-04-16 N/A
db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot).
CVE-2005-2154 1 Osticket 1 Osticket Sts 2026-04-16 N/A
PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.
CVE-2002-1481 1 Phpgb 1 Phpgb 2026-04-16 N/A
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
CVE-2005-2153 1 Osticket 1 Osticket Sts 2026-04-16 N/A
SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable.
CVE-2002-1480 1 Phpgb 1 Phpgb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into guestbook pages, which is executed when the administrator deletes the entry.
CVE-2002-1470 1 Nullsoft 1 Shoutcast Server 2026-04-16 N/A
SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.
CVE-2002-1463 1 Symantec 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more 2026-04-16 N/A
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
CVE-2005-2151 1 Double Precision Incorporated 1 Courier Mail Server 2026-04-16 N/A
spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption.
CVE-2002-1460 1 Leszek Krupinski 1 L-forum 2026-04-16 N/A
L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files.
CVE-2002-1451 1 Desiderata Software 1 Blazix 2026-04-16 N/A
Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character.
CVE-2000-0003 1 Sco 1 Unixware 2026-04-16 N/A
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
CVE-1999-0936 2026-04-16 N/A
BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.
CVE-2002-1444 2 Google, Microsoft 2 Toolbar, Internet Explorer 2026-04-16 N/A
The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function.
CVE-1999-0934 2026-04-16 N/A
classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters.
CVE-2000-0290 1 4d 1 Webstar Http Server 2026-04-16 N/A
Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request.
CVE-2006-2868 1 Claroline 1 Claroline 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php.