Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4614 1 Sum Effect Software 1 Digishop 2026-04-16 N/A
Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters.
CVE-2006-0072 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.
CVE-2003-0725 1 Realnetworks 2 Helix Universal Server, Realserver 2026-04-16 N/A
Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code.
CVE-2003-0796 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled.
CVE-2003-1297 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files.
CVE-2004-2246 1 Goollery 1 Goollery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php.
CVE-2005-1846 1 Yamt 1 Yamt 2026-04-16 N/A
Multiple directory traversal vulnerabilities in YaMT before 0.5_2 allow attackers to overwrite arbitrary files via the (1) rename or (2) sort options.
CVE-2005-1015 1 Mailenable 1 Imapd 2026-04-16 N/A
Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
CVE-2005-0662 1 Mercuryboard 1 Mercuryboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field.
CVE-2004-1361 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow.
CVE-2005-1781 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash).
CVE-2005-2391 1 3com 1 3crwe454g72 2026-04-16 N/A
Unknown vulnerability in 3Com OfficeConnect Wireless 11g Access Point before 1.03.12 allows remote attackers to obtain sensitive information via the web interface.
CVE-2002-0797 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
CVE-2003-0875 1 Openslp 1 Openslp 2026-04-16 N/A
Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitrary files via the route.check temporary file.
CVE-2006-0195 2 Redhat, Squirrelmail 2 Enterprise Linux, Squirrelmail 2026-04-16 N/A
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2) a newline in a "url" specifier, which is processed by certain web browsers including Internet Explorer.
CVE-2006-0377 2 Redhat, Squirrelmail 2 Enterprise Linux, Squirrelmail 2026-04-16 N/A
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
CVE-1999-0026 1 Sgi 1 Irix 2026-04-16 N/A
root privileges via buffer overflow in pset command on SGI IRIX systems.
CVE-1999-0773 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris lpset program allows local users to gain root access.
CVE-2000-0711 2 Microsoft, Netscape 2 Virtual Machine, Communicator 2026-04-16 N/A
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
CVE-2006-2794 1 Aspsitem 1 Aspsitem 2026-04-16 N/A
Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter.