Export limit exceeded: 29925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1685 | 1 Smc Networks | 2 Smc7004vwbr, Smc7008abr | 2026-04-16 | N/A |
| SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages. | ||||
| CVE-2005-3931 | 1 Asp-rider | 1 Asp-rider | 2026-04-16 | N/A |
| SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows remote attackers to execute arbitrary SQL commands via the HTTP referer. | ||||
| CVE-2005-3932 | 1 O-kiraku Nikki | 1 O-kiraku Nikki | 2026-04-16 | N/A |
| SQL injection vulnerability in okiraku.php in O-Kiraku Nikki 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the day_id parameter. | ||||
| CVE-2001-0061 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space. | ||||
| CVE-2004-1686 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin. | ||||
| CVE-2005-3089 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability. | ||||
| CVE-2001-0062 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang. | ||||
| CVE-2004-1729 | 1 Nihuo Software | 1 Web Log Analyzer | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | ||||
| CVE-2001-0154 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. | ||||
| CVE-2004-1731 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providing the same e-mail address. | ||||
| CVE-2001-0165 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument. | ||||
| CVE-2001-0166 | 1 Macromedia | 1 Shockwave Flash Plugin | 2026-04-16 | N/A |
| Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. | ||||
| CVE-2001-0168 | 1 Att | 1 Winvnc | 2026-04-16 | N/A |
| Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0. | ||||
| CVE-2004-1732 | 1 Mydms | 1 Mydms | 2026-04-16 | N/A |
| SQL injection vulnerability in out.ViewFolder.php in MyDMS before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the folderid parameter. | ||||
| CVE-2001-0173 | 2 Nobreak Technologies, Qdecoder | 2 Crazywwwboard, Qdecoder | 2026-04-16 | N/A |
| Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header. | ||||
| CVE-2004-1733 | 1 Mydms | 1 Mydms | 2026-04-16 | N/A |
| Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary files via .. (dot dot) sequences in the URL. | ||||
| CVE-2005-3097 | 1 Avi Alkalay | 1 Contribute.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka contribute.pl), dated 16 Jun 2002, allows remote attackers to overwrite arbitrary files via ".." sequences in the contribdir variable. | ||||
| CVE-2005-3643 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | N/A |
| IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. | ||||
| CVE-2001-0174 | 1 Trend Micro | 1 Virus Buster 2001 | 2026-04-16 | N/A |
| Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a large "To" address. | ||||
| CVE-2004-1739 | 1 Bird Chat | 1 Internet Chat Server | 2026-04-16 | N/A |
| Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users. | ||||