Export limit exceeded: 348979 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1300 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2026-04-16 | N/A |
| Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | ||||
| CVE-2003-1310 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack"). | ||||
| CVE-2004-2177 | 1 Devoybb | 1 Devoybb Web Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2003-1312 | 1 Netegrity | 1 Siteminder | 2026-04-16 | N/A |
| siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods. | ||||
| CVE-2003-1313 | 1 Eternalmart | 1 Mailing List Manager | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php. | ||||
| CVE-2003-1317 | 1 Endonesia | 1 Endonesia | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2003-1329 | 2 Redhat, Washington University | 2 Enterprise Linux, Wu-ftpd | 2026-04-16 | N/A |
| ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service. | ||||
| CVE-2004-2178 | 1 Devoybb | 1 Devoybb Web Forum | 2026-04-16 | N/A |
| SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2003-1338 | 1 Aprelium Technologies | 1 Abyss Web Server | 2026-04-16 | N/A |
| CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header. | ||||
| CVE-2004-2179 | 1 Microsoft | 2 Frontpage, Ie | 2026-04-16 | N/A |
| asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. | ||||
| CVE-2004-2185 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage. | ||||
| CVE-2005-0381 | 1 Forumkit | 1 Forumkit | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter. | ||||
| CVE-2004-2186 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers to execute arbitrary SQL commands via SpecialMaintenance. | ||||
| CVE-2004-2187 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors. | ||||
| CVE-2003-1428 | 2 Bharat Mediratta, Linux | 2 Gallery, Linux Kernel | 2026-04-16 | N/A |
| Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos. | ||||
| CVE-2004-2190 | 1 Unzoo | 1 Unzoo | 2026-04-16 | N/A |
| Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors. | ||||
| CVE-2004-2198 | 1 Duware | 1 Duclassmate | 2026-04-16 | N/A |
| account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page. | ||||
| CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2026-04-16 | N/A |
| BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | ||||
| CVE-2004-2207 | 1 Ideal Science | 1 Idealbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2003-1454 | 4 Invision Power Services, Linux, Microsoft and 1 more | 4 Invision Board, Linux Kernel, All Windows and 1 more | 2026-04-16 | N/A |
| Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. | ||||