Export limit exceeded: 359062 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359062 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0623 | 1 Raidenhttpd | 1 Raidenhttpd | 2026-04-16 | N/A |
| Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2006-1268 | 1 Funkwerk | 1 X2300 | 2026-04-16 | N/A |
| The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2001-1335 | 1 Aclogic | 1 Cesarftp | 2026-04-16 | N/A |
| Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot). | ||||
| CVE-2001-1336 | 1 Aclogic | 1 Cesarftp | 2026-04-16 | N/A |
| CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges. | ||||
| CVE-2001-1337 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2026-04-16 | N/A |
| Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request. | ||||
| CVE-2001-1338 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Telnetd Server | 2026-04-16 | N/A |
| Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system. | ||||
| CVE-2005-0624 | 1 Debian | 1 Reportbug | 2026-04-16 | N/A |
| reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords. | ||||
| CVE-2001-1344 | 1 Cgicentral | 2 Webstore 400, Webstore 400cs | 2026-04-16 | N/A |
| WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot). | ||||
| CVE-2001-1345 | 1 Jetico | 1 Bestcrypt | 2026-04-16 | N/A |
| bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program. | ||||
| CVE-2001-1346 | 2 Broadcom, Ca | 2 Arcserve Backup, Arcserve Backup | 2026-04-16 | N/A |
| Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. | ||||
| CVE-2002-0817 | 1 William Deich | 1 Super | 2026-04-16 | N/A |
| Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2005-0625 | 1 Debian | 1 Reportbug | 2026-04-16 | N/A |
| reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd. | ||||
| CVE-2006-1272 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) aim, (2) yahoo, (3) msn, or (4) website field. | ||||
| CVE-2001-1352 | 2 Namazu, Redhat | 2 Namazu, Linux | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter. | ||||
| CVE-2001-1354 | 1 Netwin | 2 Dmail, Surgeftp | 2026-04-16 | N/A |
| NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password. | ||||
| CVE-2001-1355 | 1 Netwin | 2 Dmail, Surgeftp | 2026-04-16 | N/A |
| Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | ||||
| CVE-2002-1003 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2005-0628 | 1 Demof | 1 Forumwa | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in search.php or the (2) body or (3) subject of a forum message. | ||||
| CVE-1999-1113 | 1 Eudora | 1 Internet Mail Server | 2026-04-16 | N/A |
| Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106. | ||||
| CVE-2001-1359 | 1 Caldera | 1 Volution | 2026-04-16 | N/A |
| Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server. | ||||