Export limit exceeded: 347488 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347488 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347488 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3015 | 1 Ibm | 2 Lotus Domino, Lotus Domino Enterprise Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters. | ||||
| CVE-2000-1101 | 1 Texas Imperial Software | 1 Wftpd | 2026-04-16 | N/A |
| Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack. | ||||
| CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2026-04-16 | N/A |
| Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | ||||
| CVE-2000-1102 | 1 Ptlink | 2 Ptlink Irc Services, Ptlink Ircd | 2026-04-16 | N/A |
| PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (server crash) via "mode +owgscfxeb" and "oper" commands. | ||||
| CVE-2004-0839 | 3 Avaya, Microsoft, Nortel | 18 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 15 more | 2026-04-16 | N/A |
| Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | ||||
| CVE-2000-1103 | 1 Bsdi | 1 Bsd Os | 2026-04-16 | N/A |
| rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line. | ||||
| CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2026-04-16 | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||||
| CVE-2000-1104 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site. | ||||
| CVE-2005-3016 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors. | ||||
| CVE-2000-1105 | 1 Microsoft | 1 Indexing Service | 2026-04-16 | N/A |
| The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled. | ||||
| CVE-2004-0745 | 2 Redhat, Tsugio Okamoto | 2 Enterprise Linux, Lha | 2026-04-16 | N/A |
| LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name. | ||||
| CVE-2000-1058 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing problem." | ||||
| CVE-2005-2991 | 1 Ncompress | 1 Ncompress | 2026-04-16 | 5.0 Medium |
| ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970. | ||||
| CVE-2004-0742 | 1 Sun | 1 Java System Calendar Server | 2026-04-16 | N/A |
| Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view. | ||||
| CVE-2000-1057 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions. | ||||
| CVE-2000-1056 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | ||||
| CVE-2000-1055 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet. | ||||
| CVE-2005-3585 | 1 Phpwebthings | 1 Phpwebthings | 2026-04-16 | N/A |
| SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | ||||
| CVE-2005-2986 | 1 Ahnlab | 3 V3 Virusblock 2005, V3net, V3pro 2004 | 2026-04-16 | N/A |
| The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusBlock 2005 Build 6.0.0.383, V3Net for Windows Server 6.0 Build 6.0.0.383 does not properly validate the source of the DeviceIoControl commands, which allows remote attackers to gain privileges. | ||||
| CVE-2004-0741 | 1 Lionmax Software | 1 Www File Share Pro | 2026-04-16 | N/A |
| LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow. | ||||