Search Results (26364 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1488 1 Truelogik 1 Truegalerie 2026-04-16 N/A
The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1.
CVE-2003-1490 1 Sonicwall 3 Pro100, Pro200, Pro300 2026-04-16 N/A
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow.
CVE-2002-2328 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request.
CVE-2006-1858 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
CVE-2002-2354 1 Netgear 1 Fm114p 2026-04-16 N/A
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
CVE-2002-2346 1 Phpbb 1 Phpbb 2026-04-16 N/A
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
CVE-2000-0876 1 Texas Imperial Software 2 Wftpd, Wftpd Pro 2026-04-16 N/A
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an error message that includes the pathname.
CVE-2001-0427 1 Cisco 6 Vpn 3000 Concentrator, Vpn 3005 Concentrator, Vpn 3015 Concentrator and 3 more 2026-04-16 N/A
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.
CVE-1999-0605 1 Austin Contract Computing 1 Merchant Order Form 2026-04-16 N/A
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information.
CVE-1999-0606 1 Seaside Enterprises 1 Ezmall 2026-04-16 N/A
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information.
CVE-2003-1471 1 Alt-n 1 Mdaemon 2026-04-16 N/A
MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number.
CVE-2003-1481 1 Stalker 1 Communigate Pro 2026-04-16 N/A
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
CVE-2006-3365 1 V3 Chat 1 V3 Chat 2026-04-16 N/A
V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to mail/index.php or (2) membername parameter to messenger/online.php, which displays the path in an error page due to an incorrect SQL statement.
CVE-2002-2239 1 Cisco 3 Catalyst 6500, Catalyst 7600, Ios 2026-04-16 N/A
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
CVE-2003-0567 1 Cisco 3 Ios, Ons 15454 Optical Transport Platform, Optical Networking Systems Software 2026-04-16 N/A
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
CVE-2003-1485 1 Clearswift 1 Mailsweeper 2026-04-16 N/A
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."
CVE-2003-1486 1 Phorum 1 Phorum 2026-04-16 N/A
Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8) forum_list.php, or (9) move.php, which leaks the information in an error message.
CVE-2001-0566 1 Cisco 1 Catalyst 2900 2026-04-16 N/A
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.
CVE-2002-2236 1 Apt-www-proxy 1 Apt-www-proxy 2026-04-16 N/A
Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code.
CVE-2003-1487 1 Phorum 1 Phorum 2026-04-16 N/A
Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.