Search Results (364785 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0452 1 Microsoft 1 Asp.net 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<".
CVE-2002-0737 1 Sambar 1 Sambar Server 2026-04-16 N/A
Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character.
CVE-2005-2391 1 3com 1 3crwe454g72 2026-04-16 N/A
Unknown vulnerability in 3Com OfficeConnect Wireless 11g Access Point before 1.03.12 allows remote attackers to obtain sensitive information via the web interface.
CVE-2005-1781 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash).
CVE-2004-1361 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.
CVE-2005-0662 1 Mercuryboard 1 Mercuryboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field.
CVE-2005-1015 1 Mailenable 1 Imapd 2026-04-16 N/A
Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
CVE-2004-0942 2 Apache, Redhat 2 Http Server, Enterprise Linux 2026-04-16 N/A
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
CVE-2003-0833 1 Webfs 1 Webfs 2026-04-16 N/A
Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.
CVE-2003-0832 1 Webfs 1 Webfs 2026-04-16 N/A
Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.
CVE-2003-0821 1 Microsoft 2 Word, Works 2026-04-16 N/A
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
CVE-2003-1302 2 Php, Redhat 2 Php, Enterprise Linux 2026-04-16 N/A
The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters.
CVE-2005-0833 1 Belkin 1 Belkin 54g Wireless Router 2026-04-16 N/A
Belkin 54G (F5D7130) wireless router allows remote attackers to access restricted resources by sniffing URIs from UPNP datagrams, then accessing those URIs, which do not require authentication.
CVE-2003-0706 1 Nicolas Boullis 1 Mah-jong 2026-04-16 N/A
Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop).
CVE-2005-1846 1 Yamt 1 Yamt 2026-04-16 N/A
Multiple directory traversal vulnerabilities in YaMT before 0.5_2 allow attackers to overwrite arbitrary files via the (1) rename or (2) sort options.
CVE-2004-2246 1 Goollery 1 Goollery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php.
CVE-2003-1297 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files.
CVE-2003-0796 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled.
CVE-2003-0793 1 Gnome 1 Gdm 2026-04-16 N/A
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which allows attackers to cause a denial of service (memory consumption).
CVE-2003-0792 1 Fetchmail 1 Fetchmail 2026-04-16 N/A
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.