Export limit exceeded: 347774 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347774 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347774 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0732 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to execute arbitrary SQL statements via the instory parameter. | ||||
| CVE-2000-1021 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | ||||
| CVE-2004-0731 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field. | ||||
| CVE-2000-1020 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | ||||
| CVE-2005-2855 | 1 Unclassified Newsboard | 1 Unclassified Newsboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the description field. | ||||
| CVE-2005-3546 | 1 F-secure | 2 F-secure Anti-virus, Internet Gatekeeper | 2026-04-16 | N/A |
| suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege. | ||||
| CVE-2000-0881 | 1 Plus Technologies | 1 Lpplus | 2026-04-16 | N/A |
| The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files. | ||||
| CVE-2004-0537 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces. | ||||
| CVE-2005-2856 | 1 Winace | 1 Winace | 2026-04-16 | N/A |
| Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive. | ||||
| CVE-2005-3547 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) adsess, (2) name, and (3) description parameters in admin.php, and the (4) ACP Notes, (5) Member Name, (6) Password, (7) Email Address, (8) Components, and multiple other input fields. | ||||
| CVE-2005-3747 | 1 Mortbay | 1 Jetty | 2026-04-16 | N/A |
| Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash ("%5C") characters. NOTE: this might be the same issue as CVE-2006-2758. | ||||
| CVE-2000-0882 | 1 Intel | 4 Express 510t, Express 520t, Express 550f and 1 more | 2026-04-16 | N/A |
| Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed ICMP packet, which causes the CPU to crash. | ||||
| CVE-2004-0538 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. | ||||
| CVE-2005-2859 | 1 Savant | 1 Savant Webserver | 2026-04-16 | N/A |
| Savant Web Server stores user credentials in plaintext in the Savant\Users registry key, which allows local users to gain privileges. | ||||
| CVE-2005-3548 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| Directory traversal vulnerability in Task Manager in Invision Power Board (IP.Board) 2.0.1 allows limited remote attackers to include files via a .. (dot dot) in the "Task PHP File To Run" field. | ||||
| CVE-2000-0883 | 1 Mandrakesoft | 1 Mandrake Linux | 2026-04-16 | N/A |
| The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | ||||
| CVE-2004-0539 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-2860 | 1 Nikto | 1 Nikto | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report. | ||||
| CVE-2005-3549 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited remote attackers to execute arbitrary code by referencing the file in "Task PHP File To Run" field and selecting "Run Task Now". | ||||
| CVE-2000-0884 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability. | ||||