Search Results (365359 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2401 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag.
CVE-2001-0755 1 Debian 1 Debian Linux 2026-04-16 N/A
Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command.
CVE-2005-2397 1 Gnu 1 Phpbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter.
CVE-2001-0752 1 Cisco 1 Cbos 2026-04-16 N/A
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
CVE-2001-0751 1 Cisco 1 Cbos 2026-04-16 N/A
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
CVE-2001-0750 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
CVE-2005-0444 1 Vmware 1 Workstation 2026-04-16 N/A
VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code.
CVE-2001-0747 1 Iplanet 1 Iplanet Web Server 2026-04-16 N/A
Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, service packs 3 through 7, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long method name in an HTTP request.
CVE-2005-0406 1 Image Processing Project 1 Image Processing 2026-04-16 5.5 Medium
A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.
CVE-2005-2393 1 Cutephp 1 Cutenews 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitrary web script or HTML via (1) the lastusername parameter to index.php or (2) selected_search_arch parameter to search.php.
CVE-2001-0730 2 Apache, Redhat 3 Http Server, Linux, Secure Web Server 2026-04-16 N/A
split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
CVE-2001-0740 1 3com 2 3c840-us, 3cp4144 2026-04-16 N/A
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability.
CVE-2001-0728 1 Compaq 1 Management Agents 2026-04-16 N/A
Buffer overflow in Compaq Management Agents before 5.2, included in Compaq Web-enabled Management Software, allows local users to gain privileges.
CVE-2001-0723 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript, aka the "Second Cookie Handling Vulnerability."
CVE-2001-0717 1 Tooltalk 1 Tooltalk Database Server 2026-04-16 N/A
Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function.
CVE-2005-0385 1 Frank Mcingvale 1 Luxman 2026-04-16 N/A
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
CVE-2001-0708 1 Denicomp 1 Rexecd 2026-04-16 N/A
Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string.
CVE-2001-0706 1 Maxum Development Corporation 1 Rumpus Ftp Server 2026-04-16 N/A
Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
CVE-2001-0703 1 Arcadia 1 Arcadia Internet Store 2026-04-16 N/A
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter.
CVE-2001-0700 1 W3m 1 W3m 2026-04-16 N/A
Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.