Export limit exceeded: 347143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347143 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1683 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap. | ||||
| CVE-2005-3088 | 2 Fetchmail, Redhat | 2 Fetchmail, Enterprise Linux | 2026-04-16 | N/A |
| fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with insecure world-readable permissions, which allows local users to obtain sensitive information such as passwords. | ||||
| CVE-2001-0057 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2026-04-16 | N/A |
| Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. | ||||
| CVE-2001-0058 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2026-04-16 | N/A |
| The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. | ||||
| CVE-2001-0059 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2004-1684 | 1 Zyxel | 2 Prestige, Zynos | 2026-04-16 | N/A |
| Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2001-0060 | 2 Redhat, Stunnel | 2 Linux, Stunnel | 2026-04-16 | N/A |
| Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username. | ||||
| CVE-2004-1685 | 1 Smc Networks | 2 Smc7004vwbr, Smc7008abr | 2026-04-16 | N/A |
| SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages. | ||||
| CVE-2005-3931 | 1 Asp-rider | 1 Asp-rider | 2026-04-16 | N/A |
| SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows remote attackers to execute arbitrary SQL commands via the HTTP referer. | ||||
| CVE-2005-3932 | 1 O-kiraku Nikki | 1 O-kiraku Nikki | 2026-04-16 | N/A |
| SQL injection vulnerability in okiraku.php in O-Kiraku Nikki 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the day_id parameter. | ||||
| CVE-2005-3869 | 1 Google | 1 Api Search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter. | ||||
| CVE-2005-3775 | 1 Pollvote | 1 Pollvote | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter. | ||||
| CVE-2005-3618 | 1 Vmware | 1 Esx | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 allows allows remote attackers to perform unauthorized actions as the administrator via URLs, as demonstrated using the setUsr operation to change a password. NOTE: this issue can be leveraged with CVE-2005-3619 to automatically perform the attacks. | ||||
| CVE-2005-3023 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) admincalendar.php, (3) bbcode.php, (4) cronadmin.php, (5) email.php, (6) faq.php, (7) forum.php, (8) image.php, (9) language.php, (10) ranks.php, (11) replacement.php, (12) replacement.php, (13) template.php, (14) template.php, (15) usergroup.php, or (16) usertitle.php. | ||||
| CVE-2004-1235 | 7 Avaya, Conectiva, Linux and 4 more | 20 Converged Communications Server, Intuity Audix, Mn100 and 17 more | 2026-04-16 | N/A |
| Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. | ||||
| CVE-2000-1109 | 1 Midnight Commander | 1 Midnight Commander | 2026-04-16 | N/A |
| Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed. | ||||
| CVE-2005-3918 | 1 Ovbb | 1 Ovbb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial. | ||||
| CVE-2005-3868 | 1 Turn-k | 1 K-search | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term, (2) id, (3) stat, and (4) source parameters to index.php, and (5) through the image parameters with an add request. | ||||
| CVE-2005-3774 | 1 Cisco | 1 Pix | 2026-04-16 | N/A |
| Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination. | ||||
| CVE-2005-3596 | 1 Iisworks | 1 Aspknowledgebase | 2026-04-16 | N/A |
| SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password fields in adminlogin.asp. | ||||