Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0464 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. | ||||
| CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2026-04-16 | N/A |
| Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | ||||
| CVE-2000-0394 | 1 Axent | 1 Netprowler | 2026-04-16 | N/A |
| NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature. | ||||
| CVE-2000-0393 | 1 Kde | 1 Kde | 2026-04-16 | N/A |
| The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | ||||
| CVE-2002-1425 | 1 John G. Myers | 1 Mpack | 2026-04-16 | N/A |
| Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ (dot-dot) sequence in the filename to be extracted. | ||||
| CVE-2002-1521 | 1 Mdg Computer Services | 1 Web Server 4d | 2026-04-16 | N/A |
| Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges. | ||||
| CVE-2006-3006 | 1 Ifoto | 1 Ifoto | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter. | ||||
| CVE-2005-3924 | 1 Randshop | 1 Randshop | 2026-04-16 | N/A |
| SQL injection vulnerability in themes/kategorie/index.php in Randshop allows remote attackers to execute arbitrary SQL commands via the (1) kategorieid and (2) katid parameters. | ||||
| CVE-2002-1534 | 1 Macromedia | 1 Flash Player | 2026-04-16 | N/A |
| Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share. | ||||
| CVE-2002-1547 | 1 Juniper | 1 Netscreen Screenos | 2026-04-16 | N/A |
| Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144. | ||||
| CVE-2002-1348 | 2 Redhat, W3m | 3 Enterprise Linux, Linux, W3m | 2026-04-16 | N/A |
| w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | ||||
| CVE-2003-0004 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. | ||||
| CVE-2003-1022 | 1 Debian | 1 Fsp | 2026-04-16 | N/A |
| Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. | ||||
| CVE-2005-2214 | 1 Debian | 1 Apt-setup | 2026-04-16 | N/A |
| apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords. | ||||
| CVE-2002-1511 | 3 Att, Redhat, Tightvnc | 4 Vnc, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. | ||||
| CVE-2005-0838 | 1 Icecast | 1 Icecast | 2026-04-16 | N/A |
| Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value-of tag. | ||||
| CVE-2000-0760 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | ||||
| CVE-2000-0427 | 1 Aladdin Knowledge Systems | 1 Etoken | 2026-04-16 | N/A |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | ||||
| CVE-2005-0837 | 1 Icecast | 1 Icecast | 2026-04-16 | N/A |
| IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl file with a trailing . (dot). | ||||
| CVE-2002-1509 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email. | ||||