Export limit exceeded: 350852 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3929 | 1 Xaraya | 1 Xaraya | 2026-04-16 | N/A |
| Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php. | ||||
| CVE-2000-1157 | 1 Network Associates | 1 Sniffer Agent | 2026-04-16 | N/A |
| Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name. | ||||
| CVE-2004-1609 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2026-04-16 | N/A |
| SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access. | ||||
| CVE-2005-3064 | 1 Multitheftauto | 1 Multitheftauto | 2026-04-16 | N/A |
| MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt). | ||||
| CVE-2000-1158 | 1 Network Associates | 1 Sniffer Agent | 2026-04-16 | N/A |
| NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords. | ||||
| CVE-2004-1610 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2026-04-16 | N/A |
| SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables. | ||||
| CVE-2005-3636 | 1 Sap | 1 Sap Web Application Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SAP Web Application Server (WAS) 6.10 allows remote attackers to inject arbitrary web script or HTML via Error Pages. | ||||
| CVE-2001-0061 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space. | ||||
| CVE-2004-1686 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin. | ||||
| CVE-2005-3089 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability. | ||||
| CVE-2001-0062 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang. | ||||
| CVE-2001-0063 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges. | ||||
| CVE-2001-0064 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string. | ||||
| CVE-2001-0065 | 1 Max-wilhelm Bruker | 1 Bftpd | 2026-04-16 | N/A |
| Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long SITE CHOWN command. | ||||
| CVE-2001-0066 | 2 Kevin Lindsay, Redhat | 2 Secure Locate, Linux | 2026-04-16 | N/A |
| Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer. | ||||
| CVE-2004-1687 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-16 | N/A |
| CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter. | ||||
| CVE-2001-0067 | 1 Judd Montgomery | 1 Jpilot | 2026-04-16 | N/A |
| The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set. | ||||
| CVE-2004-1688 | 1 Tech-noel | 1 Pigeon Server | 2026-04-16 | N/A |
| Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a long login name sent to port 3103. | ||||
| CVE-2001-0068 | 1 Apple | 1 Mac Os Runtime For Java | 2026-04-16 | N/A |
| Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter. | ||||
| CVE-2001-0069 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack. | ||||