Search Results (364799 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1036 1 Zoltan Milosevic 1 Fluid Dynamics Search Engine 2026-04-16 N/A
Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.
CVE-2003-0787 1 Openbsd 1 Openssh 2026-04-16 N/A
The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.
CVE-2002-1041 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
CVE-2003-0905 1 Microsoft 1 Windows Media Services 2026-04-16 N/A
Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets.
CVE-2002-1043 1 Ultrafunk 1 Popcorn 2026-04-16 N/A
Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Subject ("\t\t").
CVE-2002-1057 1 Smartmax Software 1 Mailmax 2026-04-16 N/A
Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.
CVE-2002-1060 1 Bluecoat 1 Cacheos 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page.
CVE-1999-0460 1 Linux 1 Linux Kernel 2026-04-16 N/A
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.
CVE-2002-1065 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.
CVE-2004-2221 1 Mercantec 1 Softcart 2026-04-16 N/A
Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request.
CVE-2001-0151 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
CVE-2002-1076 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
CVE-2001-1194 1 Zyxel 2 Prestige 1600, Prestige 681 2026-04-16 N/A
Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly.
CVE-2002-1083 1 Visualshapers 1 Ezcontents 2026-04-16 N/A
Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via .. (dot dot) sequences.
CVE-2006-4256 1 Horde 1 Application Framework 2026-04-16 N/A
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
CVE-2002-1095 1 Cisco 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
CVE-2006-4258 1 John Hanna 1 Anti-spam Smtp Proxy Server 2026-04-16 N/A
Absolute path traversal vulnerability in the get functionality in Anti-Spam SMTP Proxy (ASSP) allows remote authenticated users to read arbitrary files via (1) C:\ (Windows drive letter), (2) UNC, and possibly other types of paths in the file parameter.
CVE-2000-0070 1 Microsoft 1 Windows Nt 2026-04-16 N/A
NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."
CVE-2006-4279 1 Xennobb 1 Xennobb 2026-04-16 N/A
SQL injection vulnerability in topic_post.php in XennoBB 2.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the icon_topic parameter.
CVE-2004-2350 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter.