Export limit exceeded: 349381 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2330 | 1 Oscommerce | 1 Oscommerce | 2026-04-16 | N/A |
| Directory traversal vulnerability in extras/update.php in osCommerce 2.2 allows remote attackers to read arbitrary files via (1) .. sequences or (2) a full pathname in the readme_file parameter. | ||||
| CVE-2005-0023 | 1 Gnome | 2 Libvte4, Libzvt2 | 2026-04-16 | N/A |
| gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed. | ||||
| CVE-2004-2245 | 1 Goollery | 1 Goollery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php. | ||||
| CVE-2005-2337 | 2 Redhat, Yukihiro Matsumoto | 2 Enterprise Linux, Ruby | 2026-04-16 | N/A |
| Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin). | ||||
| CVE-1999-0066 | 1 John S. Roberts | 1 Anyform | 2026-04-16 | 9.8 Critical |
| AnyForm CGI remote execution. | ||||
| CVE-2005-4429 | 1 Cs-cart | 1 Cs-cart | 2026-04-16 | N/A |
| SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) sort_by and (2) sort_order parameters to index.php. | ||||
| CVE-1999-0499 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| NETBIOS share information may be published through SNMP registry keys in NT. | ||||
| CVE-2006-1377 | 2 Comoblog Project, Easymoblog | 2 Comoblog, Easymoblog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog 0.5.1 and (2) CoMoblog 1.1 allows remote attackers to inject arbitrary web script or HTML via the i parameter. | ||||
| CVE-2006-0539 | 1 Thibault Godouet | 1 Fcron | 2026-04-16 | N/A |
| The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data." | ||||
| CVE-2005-2365 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors. | ||||
| CVE-2005-3827 | 1 Agileco | 1 Agilebill | 2026-04-16 | N/A |
| SQL injection vulnerability in product_cat in AgileBill 1.4.92 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2003-0123 | 1 Ibm | 2 Lotus Domino, Lotus Notes Client | 2026-04-16 | N/A |
| Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. | ||||
| CVE-2003-0104 | 1 Peoplesoft | 1 Peopletools | 2026-04-16 | N/A |
| Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet. | ||||
| CVE-1999-1086 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | ||||
| CVE-2003-1051 | 1 Ibm | 1 Db2 | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. | ||||
| CVE-1999-1090 | 1 Ncsa | 1 Telnet | 2026-04-16 | N/A |
| The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files. | ||||
| CVE-2003-0059 | 2 Mit, Redhat | 3 Kerberos 5, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys. | ||||
| CVE-2003-0062 | 1 Eset Software | 1 Nod32 Antivirus | 2026-04-16 | N/A |
| Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. | ||||
| CVE-2003-0002 | 1 Microsoft | 1 Content Management Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter. | ||||
| CVE-2003-0003 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information. | ||||