Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1012 1 Iatek 1 Siteenable 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via (1) the contenttype parameter to content.asp, (2) the title, or (3) the description.
CVE-2006-1527 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function.
CVE-2006-3208 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote authenticated administrators to execute arbitrary PHP code via multiple unspecified "configuration fields" in (1) admin_chatconfig.php, (2) admin_configcss.php, (3) admin_config.php, or (4) admin_config2.php, which are stored as configuration settings. NOTE: this issue can be exploited by remote attackers by leveraging other vulnerabilities in UPB.
CVE-2001-0761 1 Trend Micro 1 Interscan Webmanager 2026-04-16 N/A
Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1.2 allows remote attackers to execute arbitrary code via a long value to a certain parameter.
CVE-2005-1013 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string.
CVE-2002-0393 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password.
CVE-2005-1018 1 Ca 1 Brightstor Arcserve Backup 2026-04-16 N/A
Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field.
CVE-2005-1162 1 Oneworldstore 1 Oneworldstore 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp.
CVE-2001-0960 2 Broadcom, Ca 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 2026-04-16 N/A
Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges.
CVE-2005-1163 1 Yager Development 1 Yager Game 2026-04-16 N/A
Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code via (1) a crafted nickname or (2) a packet with a large amount of data.
CVE-2006-1570 1 Esqlanelapse 1 Esqlanelapse 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2003-0134 1 Apache 1 Http Server 2026-04-16 N/A
Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.
CVE-2005-1165 1 Yager Development 1 Yager Game 2026-04-16 N/A
Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via certain malformed data.
CVE-2005-1167 1 Musicmatch 1 Jukebox 2026-04-16 N/A
Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user profile, which may allow local users to obtain sensitive information.
CVE-2005-1171 1 Datenbank Module 1 Datenbank Module 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2006-3218 1 Woltlab 1 Burning Board 2026-04-16 N/A
SQL injection vulnerability in profile.php in Woltlab Burning Board (WBB) 2.1.6 allows remote attackers to execute arbitrary SQL commands via the userid parameter.
CVE-2005-1172 1 Coppermine 1 Coppermine Photo Gallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter.
CVE-2004-1728 1 British National Corpus 1 Sara 2026-04-16 N/A
Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string.
CVE-2005-1173 1 Pmsoftware 1 Simple Web Server 2026-04-16 N/A
Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2005-1178 1 Oracle 1 Forms 2026-04-16 N/A
SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature.